OPINION: The Fine Art of Failing vs Mitigating in Security

Last week, I wrote a post regarding “security myths”. In that post, I was hesitant to be overly critical of the United States Secret Service’s response to recent intrusions. In the days following my article, there have been very illuminating leaks regarding exactly what happened that day. One revelation was the intruder actually made his way inside the White House. Before the leaks, I stated whatever the After Action Reports revealed; the entire incident was not a mission failure. I stand by that conclusion for a few of the reasons outlined below:




1. Mitigation is the goal of any security program. The idea that we, in security, prevent bad things from happening is a huge myth. You can lock your doors and windows to thwart bad guys but the only people who make the final determination whether the bad guys continue are the bad guys. We mistakenly believe security is a physical entity we can see, when in fact, it is a psychological construct designed to enable us to move on from our fears to do other important things vital to survival. What we seek is protection which is only achieved by mitigation. Mitigation is what we do to reduce the potential harm inflicted on us if the adversary should show up. So the lock does not prevent crimes but its presence gives us some sense of security, while it also mitigates potential threats that may come via the doors.

Prevention is perhaps the one thing we don’t control but assume we should. In the case of the Secret Service, yes, there were lapses in security. Uniformed personnel were obviously not able to sufficiently cover the grounds of the White House. They could have done more to secure the doors and should have posted someone able to engage a threat coming for the North Portico doors. Someone at Secret Service did on multiple occasions succumb to allowing convenience to overrule the imperatives of adequate mitigation. The White House staff and the United States Secret Service did fall for the psychological trap of security, instead of following a plan that guaranteed mitigation.

Feeling safe is not the same as being safe. That being said, various mitigation tools did work like the successful evacuation of the press and staff who were in danger. Also, an off-duty agent was successful in aiding in the apprehension of the subject. It’s important to note the Secret Service’s mission is to protect the President and Vice President as well as all principles designated by law. In short, with no loss of life, this mission was accomplished solely because other mitigation tools had a chance to do what they were designed to do. It was a mess and it certainly does not reflect well on the Secret Service.

2. Prevention as a security goal and task are unrealistic. An old adage I remember from my days in the Air Force is “the enemy gets a vote”. No matter how good your plan is or how great your mitigation tools and techniques are, nothing you do will prevent the enemy from doing anything except killing him. Detention is, at best, only guaranteed to delay their actions. In fact, the only reason I believe the saying “Only you can prevent forest fires” is because I always thought Smokey the Bear was talking to potential perpetrators of forest fires and not victims. So why do we insist on believing prevention is realistic, if we’re solely addressing victims? What most people want are more effective mitigation tools but assume the semantics mean the same when they don’t.

3. Every security organization is bound by the use of force continuum. Some argue the Secret Service should have killed the subject immediately. Many of these people ignore Graham vs Connor which dictates the level of force an officer can use against any subject. That standard is called the “objective reasonableness standard”. This comes from the idea an officer can use whatever force is necessary to stop any threat as long as that force is comparable to what a reasonable officer would deploy in similar circumstances. Would a reasonable officer shoot a potentially unarmed man just because he committed a trespass violation? Imagine the precedence we could set by implying under certain circumstances it is reasonable to kill someone for seemingly minor offenses. Does a simple trespass have the potential to be more at the White House? Oh, for sure. Until a person displays a lethal “intent, opportunity, and capability” against another, we are bound to use the force a reasonable officer would to stop the threat. Otherwise, we stand the chance of the White House become a favorite spot for those looking to die via “suicide by cop” or placing the White House and its security at the center of a potential tragedy.If these statements make you upset, then I implore you to read what I said again. I never said deadly force was not authorized. It is. Deadly force can be used as soon as the threat meets those three criteria I established prior.

4. Like it or not, the White House is a tourist attraction and that complicates things greatly. Did you know the White House receives millions of visitors annually? This accounts for those who merely gaze through the fence and those who come to take a tour. In partnership with the Park Service, the United States Secret Service is tasked with protecting the White House in spite of the enormous opportunity various threats have to carry out an attack either against the throng of tourists or the President. In most executive protection assignments, the principles address is a matter of neither public record nor access. The Secret Service is in the unenviable position of protecting the President in a vastly different environment. Measures we’d like to see taken in one regard (i.e. fortifications) which help mitigate the visibility of the grounds and the principles are often not what the public envisions when they come to see their “house”.

5. In some executive protection circles, if not most, there is a delicate balance between protection and convenience. Most people who have never worked an executive protection detail don’t get how often the people protecting dignitaries are overridden when it comes to matters of convenience. I have known a many of personal protection officers who have complained they have been told to “stay with the car” when a VIP goes some place where his protection details has no visibility. 

With the White House incident, we learned a key mitigation tool was rendered ineffective because the White House Usher’s Office decided the intrusion notification system was too loud and needed to be turned off. In a world where one sees protection and is lulled into feeling “safe”, this is an easy mistake to make. It never costs you in the short-term. It won’t hurt today but you can bet when the adversary shows up, you’ll wish you had that mitigation tool in place. Is this a fault of the Secret Service? Sure, in some ways. They could have pressed the issue and said “no”. They, not the Usher, are legally mandated to protect the President. If that tool aids them in doing so, then the tool stays. Period. Is there a culture in Secret Service that enables this? I don’t know. What I can tell you is there is a culture in DC and the White House that does. Hopefully, the hearings which are going on will further highlight the need to silence the parts of that culture that negate sound protection practices.

6. Finally, stuff just happens. During my 14 years in this industry, I spent 10 in the service of the United States Air Forces in military law enforcement and security. My first few years were spent as a young Airman performing what is commonly termed as “gate guard” duties. I stood at the main gate of our installation controlling entry and exit. I was also responsible for issuing countless visitor passes. I was really good at my job. So good that I was winning awards and accolades above my peers. However, on one fateful day, I encountered something no one expected.

A female Technical Sergeant and her male guest came to the visitors’ center looking to get a visitor pass. All that was required at the time was a military ID card from her and a government issued ID from him. I checked his ID which was a passport and noted all of the details had matched. Our conversation was good and I detected nothing extremely peculiar. Actually, I did note something but I was stationed in Idaho so it was not a big deal at the time. Her guest asked if he could bring his personal weapon on the base. I told him he could not and asked if he had the weapon. He replied he hadn’t and she reassured me he hadn’t one. The question seemed one of mere curiosity in an attempt to make “small talk”. I had done everything I could do at that moment.

It was not until two days later was I approached by our investigators and several federal agents informing me several tactical vehicles were coming to apprehend him for being a fugitive – he had killed several people and almost killed a police officer. I was crushed. How could this happen? Should I have asked more questions? Would they blame me?

Years later, still torn by this, I asked a mentor who informed me I had done nothing wrong and in fact did everything right. Despite my best efforts, the adversary won. This is an unfortunate but inherent ingredient of protection. No matter what you do, the enemy will still do what he does and it is your job to prepare for that and win.

VIDEO: Kenyan Presidential Security

While reviewing the latest YouTube videos on security, I came across the video above. If you're not aware, Kenya recently held its presidential elections where Uhuru Kenyatta was named its fourth president-elect. As is the case in the United States, Kenya's head of state has a protection detail.

Here's what I gleaned from the video:

1. Kenyans have a different protection mentality than most Westerners which may actually be good. The news anchors were briefly explaining what happens once the election has been certified, when she said "he'll become the 'property of the state'". Additionally, the detail and not the principle control his/her security.
2. While awaiting the election to not be challenged, Uhuru will have a temporary detail and a code name assigned to him much like in the States where the president-elect receives his/her detail as soon he receives his party's nomination.
3. There details seem to be structured somewhat similarly as Western nations. There is an exterior perimeter surrounding the vehicle and an interior as well. The exterior appears to be doing some outward surveillance while the inner perimeter concentrates on the road ahead. They also seem to have control over the reception line as well.

While researching this story, I came across another video which was a bit more telling.

From this video, we can see a few similarities and some differences.

1. Changing radio call signs. No secrets here. Great tactic that is used all over the world.
2. Route clearance. Another great move. Though, I am curious why took this road. Many details would have avoided it for its obvious issues.
3. Open air vehicles should ALWAYS be a no-no.
4. Giving the principle the threat information briefing every night is good. Though, I think this should be something he gets along with his intelligence report first thing in the morning.

The Kenyans are moving in the right direction towards VIP security. There were lots of things I like from a protection specialist perspective. And there were things I did not like. Most of the things I did not like are lessons best learned through countless drills and exercises to hone in how vulnerable your principle is. In light of al Shabab's threats and terrorist activities against the Kenyans, it's safe to assume they are working out some of the kinks.

INFOGRAPHIC: Top 5 Celebrity Break-ins

(click to enlarge)

Stealing the Spotlight infographic

INFOGRAPHIC: Presidential Security Facts

(click to enlarge)

Presidential Security infographic by VisualApogee.

Have You Seen Former FBI Agent Robert Levinson?

Former Special Agent Robert Levinson missing since March 2007

Robert Levinson is a former FBI agent who has gone missing since March 2007 in Iran. He was acting as a private investigator looking into cigarette-smuggling. There has been contact with the hostage-takers and Robert Levinson's family. There are some experts who have noted the sophisticated tradecraft involved in the transmission of these messages from the hostage-takers. They conclude this points to Iran clearly. The Iranian government contends they had nothing to do with this. Iranian president Mahmoud Ahmadnejad has stated, "Our security officials and agents have expressed their willingness to assist the FBI, if the FBI has any information about his travels around the world." It's curious he would make such a statement. What would his "travels around the world" illuminate for the Iranians? Ahmenijad has a history of playing coy whenever the Iranians have ever been directly linked with any nefarious activities. It's like asking your child to tell you who broke lock on a drawer you were keeping his Christmas presents and they reply "I would be happy to help you find the lock if you would tell me what the lock was protecting."

Here's an example of the messaging sent to Levinson's family.

Levinson supposedly met with Dawud Salahuddin, an American fugitive who converted to Islam and later assasinated an Iranian diplomat in the US. Salahuddin describes himself as a close friend with whom he "shared hotel room on Kish on March 8. Iranian officials in plain clothes came to the room and detained and questioned Salahuddin about his Iranian passport, Salahuddin said. On his release a day later, Levinson had disappeared, and the Iranian officials told Salahuddin he had left Iran." Salahuddin then says something that caught my eye - "I don't think he is missing, but don't want to point my finger at anyone. Some people know exactly where he is," Salahuddin told the newspaper (Financial Times). "He came only to see me." Salahuddin is in a very tricky spot. Levinson was meeting him to network with Iranian officials who might provide leads for a cigarette company that retained Levinson's services. Salahuddin can't go into further details because of his delicate situation there - he's political in Iran and has supported reformers who oppose the current regime. If the Iranians did take Levinson and Salahuddin knows something, I would suspect he's not going to say much for fear of endangering his safe-haven. 

Fred Burton, the VP for Intelligence at Stratfor, has put out a video talking about hypothetical investigative techniques US authorities have engaged in since they received the messages from the hostage-takers. It is interesting to note the correlation between the imagery analysis to find terrorist groups via their messaging and the analysis that goes into locating a hostage like Levinson with similar messaging. His video is below.

I have several readers in Iran.  So I'm going to post Levinson's picture and biographical data as well as a link to his family's blog.

Kish Island, Iran
March 9, 2007 

ROBERT A. LEVINSON

DESCRIPTION

Date of Birth:	March 10, 1948	Hair:	Gray
Place of Birth:	Flushing, New York	Eyes:	Blue
Height:	188 cm (74 inches) - at the time of his disappearance	Sex: Race:	Male White
Weight:	104 kg (230 pounds) - at the time of his disappearance	Citizenship:	U.S.

Remarks:

Levinson wears eyeglasses. He is believed to have lost a significant amount of  weight, possibly 50-60 pounds.

THE DETAILS Information is being sought regarding United States citizen Robert A. Levinson, a retired FBI Special Agent, who went missing during a business trip to Kish Island, Iran, on March 9, 2007. Levinson retired from the FBI in 1998 and worked as a private investigator following his retirement. Levinson traveled to Kish Island, Iran, on March 8, 2007, working on behalf of several large corporations, and his whereabouts, well-being and the circumstances surrounding his disappearance have been unknown since that time.  REWARD The United States Government is offering a reward of up to $1,000,000 for information leading directly to the safe location, recovery and return of Robert A. Levinson  ADDITIONAL INFORMATION If you have any information concerning Robert Levinson, please contact the FBI Tip Line at tips.fbi.gov. You can also contact your nearest American Embassy or U.S. Consulate.  Field Office: Washington Field Office

OPINION: Why Benghazi Keeps Me Up At Night

I got to thinking again about Benghazi.  Actually, that damn city has been on my mind for months.  I digress.  I kept thinking tonight about why the intelligence community (IC) would redact its knowledge of the attackers being terrorists.  It's a common question among many "Benghazi-gate" - as I like to call them - "DIY investigators".

Here's my take:

• The IC allegedly received an intelligence report via email that Ansar al-Sharia had claimed responsibility via Facebook.  We now know that post was either removed, never existed, or was posted by someone only familiar with the group, according to various "senior Administration sources" used by the media.  Why post something and then remove it?  Logic would dictate if you were bad enough to do the deed and then brag about it, why take it down.
• If in fact the Facebook post were from the group, it's quite simple why they would remove it.  Terrorists aren't all that dumb and are certainly tech savvy enough to understand how IP addresses work.  If true, it is my supposition they realized that within minutes the IC would be running traces on the IP associated with that post and would be ramming a Hellfire missile down the author's throat not too soon afterwards.
• I know what you're thinking - But that doesn't explain why the Director of National Intelligence would remove it from Ambassador Rice's statement.  Au contraire!  It does.  My guess is the IC was close to running that trace but hadn't acted on it for various reasons - one of which I'll explain in a bit.  In these types of dynamic situations, it can be difficult to ascertain fact from fiction.  When coordinating retribution attacks, you need to be accurate.  Supposing the Facebook post did exist, the IC presumably asked that Ambassador Rice not blow their cover by disclosing in fact that they knew who the bad guys were.  I see you over there making that face.  
• Before this alleged posting by Ansar al-Sharia, we had no concrete evidence they were the culprit.  Had Ambassador Rice said this was terrorism too prematurely, we may have lost the tactical advantage of surprise and could have made things extremely problematic for our Libyan allies and our special operations units who undoubtedly would have/could have/should have been tasked with hunting down the culprits.  To give the situation some additional much-need perspective, it would do us all well to remember there wasn't a single capture from this attack.  With the absence of a significant amount of actionable chatter, the US government would have been flying blindly with a reprisal attack.
• Oh. Did I forget to mention how unreliable the source that email cited was?  Yeah. About that.  CNN contacted a guy, Aaron Azelin who monitors jihadist sites for a living.  You'll love what he said.

"However, an examination of the known Facebook and Twitter accounts of Ansar al-Sharia in Benghazi reveals no such claim of responsibility. Aaron Zelin, a research fellow at the Washington Institute for Near East Policy, tracks dozens of jihadist websites and archives much of what they say. He told CNN he was unaware of any such claim having been posted on the official Facebook page or Twitter feed of Ansar al-Sharia in Benghazi.
Zelin, who said his RSS feed sends him any new statement from the group, provided CNN with a copy of that feed. It shows no Facebook update between September 8 and September 12, when a posting late that afternoon first referenced the attack. Zelin notes that the posting referred to a news conference the group had held earlier that day in Benghazi in which it denied any role in the assault on the consulate, while sympathizing with the attackers.

Accompanying a posting of the news conference on YouTube, a commentary says that the attack on the consulate was "a wave of rage for Allah and his Prophet, it came from the Muslim youths."

The posting continues: "Ansar al-Sharia brigade did not officially participate as a military body, nor received any orders directed from the brigade."

The group's Twitter feed tells the same story. The account, @anssarelshariea, bears the group's logo and a tweet on September 8 - and then nothing until four days later. And at no point is there a claim of involvement in or responsibility for the attack on the U.S. Consulate compound."

All of this makes me wonder, "How is that we had a CIA station in Benghazi but the only intelligence we had to verify this group was responsible came from a single Facebook post?"  I know getting a hold of sources during a crisis can be difficult and the intel may not be very credible but I can't help but wonder why we haven't heard more about the human intelligence that should have been available.  You would naturally assume the CIA would have been working its assets into this group and would have had some indication this was coming.  Maybe it did but that hasn't come out of any of the testimony, as far as I know.  Instead of asking this and other questions relating to what happened on the ground, we've been stuck with an oversight committee more obsessed with talking points and adulterous 4-star generals.  I firmly believe in order to properly secure any resource in a hostile environment, you have to be procuring actionable intelligence.  This did not happen in Benghazi.  Until we address this shortcoming, it may continue to happen.

My Problem With Benghazi Conspiracy Theories

Folks, I have some fundamental issues with most conspiracy theories.  Many have very little data to substantiate what they either indirectly imply or overtly say.  Most of it is pure speculation with very vague familiarity of the incident (i.e. "I have a cousin who knows a guy in the military that says", "Newt said", "I heard it from Sean Hannity").  If you weren't there, then it's just speculation.  The various theories and innuendos about Benghazi are of the same ilk.  I'll spell out why by attempting to debunk the top four Benghazi theories/innuendos:

1. As I mentioned before, Chris Stevens was NEVER EVER raped.  No one has stated this except for a lone newspaper out of Lebanon and few Facebook bloggers.
2. Chris Stevens was not killed as the result of being shot, beaten, or burned.  He was killed by smoke inhalation.  Simply put, it takes only 20 minutes of active burning for lethal levels of smoke and heated air to accumulate.  Charlene Lamb, the Deputy Assistant Secretary for International Programs in the Bureau of Diplomatic Security at the Department of State, stated in her testimony before the House Oversight Committee on October 10, 2012, 
1. "Gunfire was heard from multiple locations on the compound.  One agent secured Ambassador Stevens and Sean Smith, the information management officer, in the safe haven.  The other agents retrieved their M4 submachine guns and other tactical gear from Building B.  When they attempted to return to the main building, they encountered armed attackers and doubled back to Building B. The attackers used diesel fuel to set the main building ablaze.  Thick smoke filled the entire structure.  The Diplomatic Security agent began leading the Ambassador and Sean Smith through the debilitating smoke toward the emergency escape window.The agent, nearing unconsciousness himself, opened the window and crawled out.  He then realized they had become separated in the smoke.  So he reentered the building and searched multiple times for the Ambassador and Mr. Smith.  Finally the agent—suffering from severe smoke inhalation and barely able to breathe or speak – exited to the roof and notified the Tactical Operations Center of the situation (TOC)." 
2. Even IF, the Department of Defense could have supplied tactical resources to respond to Benghazi, the likelihood Chris Stevens would have already been dead is very high.  Chris Stevens, more than likely, died at the early onset of this engagement.  Deputy Assistant Secretary Lamb got her intel from the TOC and the agents' after-action reports.  In other words, she heard it from the folks on the ground and not Fox, ABC, CBS, etc.
3. The Department of Defense got an email to stand down.  This one comes from our dear friend, Newt Gingrich.  You'll do good to click on that link and note the timing of that email in relation to the election and the word "rumor" (ahem!....not a fact) in his quote.  
1. Okay, folks the likelihood the DoD would have received an email to "stand down" is very unlikely.  If there is one thing we've learned since Ollie North, it's never send an email when involved in far-reaching conspiracies.  This conversation would have happened over a secure communications line or in person at the Situation Room and would have relayed the assets DoD would have needed to support and/or pull of a successful rescue operation and their respective availability.  I'm not sure if you're aware of this, but it takes the DoD a LONG time to respond to anything.  The assets (Special Operation Forces) DoD would have sent were more than likely on other missions related to GWOT (Global War on Terrorism).  Contrary to popular belief, the nearest special operations unit was in Rota, Spain. Folks, these guys don't ride on supersonic jets.  The flight time, not counting preparation, narrows your response time greatly.  Also, remember everything the government does in terms of its official actions is almost always recorded.  Leon Panetta will soon testify before Congress knowing this data was fully available to Congress.  My guess is Patraeus will testify to the same as it was his agency that provided most of the backup.
4. The White House is blackmailing Patraeus with the affair scandal.  Why?  Seriously.  Why would the White House blackmail a guy who was going to testify any way?  This investigation has been going on for months.  Why now?  Divorces are messy and affairs even messier but lying to Congress about what a whole division of an intelligence agency knew is even worse for everyone involved.  Patraeus and anyone with a pulse in DC knows that.  But wait - there are more problems with this theory:
1. The original investigator had sent shirtless pictures of himself to the victim.
2. The investigation began by a complaint from someone with no connection to the White House and also sleeping with another General officer supposedly.
3. The Patraeus affair would have presumably never have came to light had it not been for his mistress' threatening emails about her suspicions of the victim and Patraeus.  
4. Just in case you're wondering the FBI's jurisdiction in all of this, remember threatening someone is a crime and if done over email is federal offense due to the federal government's jurisdiction over interstate commerce.
5. Patraeus was still going to testify.  Remember Congress has subpoena power over anyone for any reason.  An oversight committee hearing is much like testifying in a court of law.  There is even oath.  The risk a blackmailer takes with blackmail once they reveal their hand is that target may be even more inclined to tell the truth.  If huge conspiracies are your thing, you can't afford to have this happen.
6. Two GOP congressmen knew of the investigation days before the election and just sat on it.  In any conspiracy, you need loyal and discreet people - a shirtless FBI dude and a couple of GOP congressmen "in the know" are less than ideal. 

Before I get deluged with comments, let me answer some questions:

Were there screw-ups in Benghazi? 

Yup. 

Am I excusing those? 

Nope.  

Do I believe this investigation has become partisan beyond comprehension?  

Yup.  

Do I think the American people will ever get the whole truth?  

No for a variety of reasons.  

Should this diminish our need to find the truth? 

No.  People died and we need to know why in order to fix it.  

What/who do you blame for these deaths?  I think it is very ironic the CIA is rumored to have had an annex devoted to assisting the Libyan government in covertly collecting heavy weapons such as mortars from local militias and the consulate across the street from them is hit by mortars.  There was an intelligence and diplomatic failure on several levels.  My sources in Libya tell me the government was beginning to crack down on these rogue groups who were holding on to these weapons as insurance and as leverage to further their own burgeoning political agendas.  My supposition is the CIA mission was discovered.  In order to show their discontent at the Agency's participation in this crackdown, they retaliated.  They couldn't identify the location of the CIA mission so I assume they hit the next biggest American target on a historic day.  As luck would have it, Chris Stevens was there.  Will we ever hear that from anyone?  No, but perhaps - just once - we need to.

Here's a link to all of the public testimony given so far:
http://oversight.house.gov/hearing/the-security-failures-of-benghazi/

Really, really excited....

Sorry, it's been so long folks but I've been a bit busy this week.  For starters, my request to test and evaluate products sold by Victory Defense was granted and we'll be taking a look at a few gadgets with security applications.  One such gadget is a tactical flashlight with video and audio recording capability!  Now, do you see why I'm so excited? Secondly, we'll have articles about behavioral video analytics versus rules-based analytics.  If you've been following my Twitter feed, you probably noticed I was quite curious about the difference between the two and what failures behavioral analysis has.  I'm going to attempt to get a hold of someone at BRS Labs the company on the forefront of behavioral analytics to discuss this more.  We'll also have a commentary on what I perceive to be the most prevalent source of failure in any security program.  I conducted a poll on LinkedIn about a month ago regarding this very issue and the responses I got were quite surprising and enlightening in many respects.  Finally, I also hope to have an interview with an Executive Protection agent to discuss their journey into the field, the types of projects they've done, and where they see this subsection of our industry going.  As an added bonus, I'll be publishing a video on last week's topic on proper ways to search/inspect bags in a security environment.  As you can see, I've been a bit busy getting content.  It is my goal to move towards more original content.   So stay tuned and welcome back to The Security Dialogue.

Boss, I swear those guys weren't there when I did my advance...

Check this site out. All you have to do is click on a picture of your favorite celebrity and voila! You can find out which hotels they have been spotted at in the past. Not as bad as GawkerStalker. Just goes to show you should spend a significant part of your advance online. If I have enough online data and other open source intelligence, anyone can figure out your principal's probable location. A poster at TacticalForums was kind of enough to provide the link to the hotel site.