I studied for about 6 weeks total and passed the ASIS CPP Exam with score of 729 out of 800 (600 is passing). I would consider my security background balanced, but by my own standards I am not as proficient as I'd like to be in all of the subjects/domains of the CPP exam, especially physical or information security. Below is my summary of information that you should take in if you're considering getting the CPP certification, followed by my approach to studying for the exam efficiently.
Ilya Umanskiy has nearly 20 years experience in working with global security teams and working as a security consultant. In interviewing Ilya, he showed us his insight into several key areas: career advice, mentorship, challenges facing aspiring professionals (including transitioning military & law enforcement), and more.
When the term “Physical Security” is brought up in our industry, it is usually accompanied by a smirk or an eye roll. It is often deemed an “entry level” task that conjures images of Paul Blart the Mall Cop. No experienced professional would hang their hat on such a rudimentary function, would they? It has been our experience that physical security is often misunderstood and performed poorly. Yet, if the principles and concepts of physical security are understood fully and incorporated into the overall protection strategy appropriately (technology, intelligence, etc.), it can be just as critical a component as any other facet of protective operations.
I created a digital calendar with over 65 of the most notable terrorist attack anniversaries in world history and recent memory, which you can import into your personal calendar (iCal, Outlook, Gmail, Etc.). This simple tool–the first of it’s kind, allows the executive protection specialist to overlay terrorist attack anniversaries with the the principal's travel plans.
"Defined loosely, red teaming is the practice of viewing a problem from an adversary or competitor’s perspective. The goal of most red teams is to enhance decision making, by challenging assumptions, specifying the adversary’s preferences and strategies, or by simply acting as a devil’s advocate." (Source: Red Team Journal)
In 2016, there were 439 reported bombing incidents in the US, and “residential structures” were targeted more than any other location.
There are a range of crimes directed at estates, which are unique to residential targets (as illustrated previously in this graphic). Obviously burglary, and you have plenty of measures to mitigate that risk, already in place.
One of the biggest challenges for the individual estate security officer is the unknown visitor. You (likely) already have a plan in place if someone shows up unannounced. But what is your plan for screening them...
What questions do you ask them?
What signs do you look for to detect deception?
How do you elicit information from them?
Don't take my word for it, that practicing customer service is an important aspect of executive protection. As reported by themselves, two of the most notable executive protection companies in Los Angeles have incorporated customer service type training into their training programs.
Because estate security is multifaceted, executive protection professions will have ample opportunities to make mistakes. It is inevitable that you will have to navigate communicating with an angry vendor, principal, or other types of employees—even if you never make a mistake...
OSINT feeds protective intelligence programs a steady diet of information, 24 hours per day. Most of this is empty calories, some of it is red meat, but we don’t know until it’s collected and evaluated.
Real-time social media monitoring (by geographic location) is the single most practical and effective practice that any estate security program can implement...
This is the introductory article for my new series about estate security: Estate Security Hacks. In the last issue of “Executive Protection Hacks,” I provided a simplified framework for approaching the topic of travel intelligence, highlighting ideas and tools for the reader to use in his or her role as an executive protection analyst.
My intention is to highlight factors that I think are especially relevant for the individual security professionals that staff those estate security programs. This is written with them in mind, less so their managers or their manager's managers (although they'd still get something out of it!).
Yes, I’m putting the executive protection/Travel Intelligence topic to rest, but only after one final overview. Below is a short summary of relevant ideas from the Travel Intelligence Masterclass held recently. Plus, I have included two important links below.
First, you need to check out the travel intelligence reading list. Any novice could knock out this list in a month, and then they’d have a great reservoir of information to pull from when they’re supporting the executive protection team with travel intelligence...
After attending the ATAP Annual Conference, I decided that I needed to share with you, all of the great resources that the speakers mentioned—all relating to threat assessment, workplace violence, insider threat, executive protection, and more.
I was recently trying to make sense of all of the professional organizations that I consider especially relevant to executive protection. And then I thought, “how are all of these organizations connected and interconnected?”
I needed a graphic to answer this question, so I mapped out how the following (executive protection related) professional organizations are connected to other organizations.
I'm guilty of using the phrase "common sense security practices," and I imagine that many executive protection professionals throw around that term periodically too. Every time I've used that phrase, I've thought "what a cop out" ...there's no phrase in security that's more lazy and vacuous than "common sense security practices." Is there even such a thing?
Did you know that 80% of our success in producing valuable travel intelligence rests on us internalizing only a handful of patterns? What do I mean?
Patterns begin to emerge once we've read enough briefings from the US State Department, UK/MI5, iJET, Stratfor, etc...
This article highlights 15 patterns that consistently appear in travel security briefings and related literature. Once these patterns are identified, our work as executive protection analysts becomes much easier.
This is one of the few instances where the Instagram-bodyguards (or "hot bodyguards" as the news media characterizes them) posting gym selfies and pictures of their clients, are in the right. They may know nothing about executive protection, but they do know that healthy habits keep them mentally sharp.
As an analyst collecting and producing travel intelligence for executive protection programs, you will undoubtedly come across alerts from iJET, The Center for Disease Control (CDC), The US State Department, and others about a range of ridiculous viruses and illnesses you’ve never heard of.
As an exercise for myself and the reader, I have created a simple chart breaking down the most common and notable illnesses that we should be aware of. You’re going to see alerts for these, so you might as well know if they’re fatal, if there’s a vaccine, and how to prevent becoming affected.
Travel intelligence in executive protection means many different things to many different people. I am going to outline how I prefer to structure and curate my travel intelligence reports. What to include, what is assumed, what’s irrelevant, and so on. The structure of my travel intelligence reports share similarities with reports of iJet, OSAC, and the US State Department. (USE WHAT WORKS!)
“Intelligence deals with all the things which should be known in advance of initiating a course of action.” The following are several short and meaningful statements followed by my interpretation as it relates to our role in executive protection, from the book Communicating With Intelligence: Writing and Briefing in the Intelligence and National Security Communities (2nd Edition) by James S. Major.
The Travel Intelligence Mind Map is a framework for the executive protection analyst. It gives them a systematic process to tackle the ambiguous task of producing travel intelligence. I have broken down the mind map into three sections: General, Macro-Level, and Micro-Level. General encompasses the most basic information about the location, such as entry requirements, immunizations, infrastructure, and crime & safety...
Suppose you only had 10 minutes to initiate your travel intelligence research, and and then you had to provide an initial report to your principal / executive protection manager. Where would you start?
10-Minute Travel Intelligence will not fulfill all of your travel intelligence needs in 10 minutes. Rather, it is a proven framework for the analyst to conduct their initial assessment of a particular domestic or international travel destination.
EP Hacks is a medium for executive protection professionals to tackle complex issues and share ideas with their peers. My mission is to build a collection of invaluable resources–challenging the individual executive protection professional to develop and improve upon their skill set.
This issue of EP Hacks is the product of my boiling down the process and key ideas involved in producing quality travel intelligence for an executive protection program.
In the world of executive protection & protective intelligence, I’ve long discovered that in addition to the crucial role that OSINT plays, there’s often also a need for information that’s collected from the field. It’s not that remote intelligence isn’t important—on the contrary—that’s where you want to start. But this first resort shouldn’t always be your last and only one. Hostile entities also use open sourced intelligence in their Hostile Planning Process, but they don’t stop there—they follow it up with field intelligence, i.e. surveillance.
This article takes a look at the unseen paths that the executive protection specialist can take to acquire & sharpen skills for a prosperous career in executive protection. First, I take a look at MOOCs, which are FREE–university level courses, offered online, from some of the best schools in the US (Harvard, UC Berkley, Stanford, etc). Then I take a look at paid services which you might be more familiar with, such as Lynda, SkillShare, and Udemy.
Life Hacker Interview with Travis Lishok, Creative Director at Executive Protection Nexus - "What I do as an Executive Protection Specialist"
Article & Image Attribution: LifeHacker - Andy Orin - http://lifehacker.com/career-spotlight-what-i-do-as-an-executive-body-guard-1778714984
One weakness of executive protection training, is that there is minimal focus on technology and related tools that can assist the executive protection specialist out in the field, all the while requiring minimal investment in resources.
What is the Alert Ecosystem? The Alert Ecosystem is a collection of tools, that when used collectively, keeps the executive protection specialist informed (instantly). Wouldn’t you like to be the first to know when a disaster strikes near by, or when an emergency alert for your area is issued?
There are great advantages for using IFTTT, whether you’re a command center dweller, an executive protection team member, or an executive protection manager (or just a security savvy dude). Uses of IFTTT range from intelligence collection (key work tracking, social media activity tracking, etc) to personal convenience.
What is IFTTT? If This Then That is a free online application that allows the user to automate various functions between different apps...
Take remarkable executive protection or security concepts that we hold in high regard – MOSAIC (threat assessment system), iJET, OSINTtechniques.com, or the Advance/Odin apps – any one of these could have been created by any one of the readers of this blog. None of these ideas or systems are earth-shattering.
So why didn’t you create them? And why aren’t more of us doing remarkable things in executive protection?
Executive protection and threat assessment go hand in hand with each other. The executive protection specialist is making evaluations on a daily basis, about whether an inappropriate pursuer is a violent threat, or just a nuisance. These pursuers attempt to make contact via letters to the principal, calls to the principal, and the occasional, unwanted attempt to meet the principal in person. And that's were our threat assessment training comes in...
Executive Protection & Threat Assessment – You think that threat assessment requires paying $10,000, for academics to lecture you at the Gavin De Becker - Advanced Threat Assessment and Management Academy. But, all you really need to do is follow Mark Cuban's advice from How to Win at the Sport of Business. That is, “Read the F***ing manual.” Here's the manual...
Increase Your Security IQ >> Sign Up Here
Join 1,000+ Active Members of the EP Nexus Community
Success! Now check your email to confirm your subscription.
EP Nexus on Twitter
EP Nexus on Instagram