Red Teaming, Estate Security, and Executive Protection

(NOTE: This is an abbreviated excerpt from "Estate Security Hacks." Want to download the full article & 21-page PDF? — Click Here

Preface: Part of the experience with EP Nexus, is shedding light on important security concepts that are often cloaked in puzzling jargon and newly minted buzzwords―then providing you with primary sources to study for yourself, and explore the ideas on your own terms. No one needs to have worked in government, or earned an advanced degree to practice the ideas discussed in this post. In fact, the $12/hr guard that checked my backpack at Disneyland this weekend could easily apply these ideas, and we’ll be safer for it.


“The enemy is a very good teacher.” ― Dalai Lama XIV


It’s a cliche to say that practicing effective executive protection requires one to think like the adversary, but this cuts to the heart of security.

Assessments are the foundation of every security operation because they seek to identify and disrupt potential avenues that the adversary may take. And by putting one’s self in the shoes of the adversary, one can understand, in intimate detail, what steps the adversary would need to take to successfully aggress against an executive.

Again, with terrorist attack cycle?

The most important idea to take away from the attack cycle is this: the adversary is vulnerable to detection during the planning phases (marking a target, collecting intelligence, conducting surveillance, obtaining resources, rehearsing the attack, etc.).

Here’s an oversimplified view:

→ Successful attacks require information about the target.
→ Information about the target found remotely is severely limited.
→ Surveillance and further fact finding in person is a requisite.
→ The adversary is vulnerable to detection during their surveillance and fact finding stages, since they need to be within eye-sight of the target (generalization)

Defining Terms

"Defined loosely, red teaming is the practice of viewing a problem from an adversary or competitor’s perspective. The goal of most red teams is to enhance decision making, by challenging assumptions, specifying the adversary’s preferences and strategies, or by simply acting as a devil’s advocate." (Source: Red Team Journal)

The Red Team Journal has an awesome set of resources for you to learn more, whether you're a red team novice or an experienced professional. Check it out below, you won't regret it:

Below, I illustrate a benign red teaming scenario and then highlight how it would help us as executive protection professionals. (This is only an example, I urge you to create your own, better scenario!)


Scenario #1

*This is meant to be more of a thought experiment, not an exercise or drill to be executed*

Suppose you are the adversary, and your goal is to place a pink post-it note with the word “Boom” on the executive’s home computer monitor. Yes, this is a semi-benign event. But, it would require you, the adversary, to walk though every step of the attack cycle.

  1. Select target (COMPLETE)

  2. Gather intelligence & conduct surveillance

  3. Get resources

  4. Execute

  5. Escape

  6. Exploit


Tasks to Be Completed

  • Identify what information you need in order to complete your goal: personal info, address, security measures, vulnerabilities, potential modi operandi [yes, that's the plural form of modus operandi (MO)]

  • Decide how you will collect that information: remote, in-person, though a surrogate, etc.

  • Decide how you will conduct surveillance of the location without being burned: where is an optimal "perch" to conduct your surveillance from, will you be fixed or mobile, should you use a drone, etc.

  • Construct a cover story, in the event that someone questions you during the surveillance or execution.

  • Following the surveillance, decide on a method for executing your mission: get access, evade or deceive security, etc.

  • *Resources - for this mission, it's not an issue (post-it note + sharpie); that purchase won't raise any eyebrows at Walmart.

  • Determine, is feasible to conduct a rehearsal of the mission? If so, how will this be conducted?

  • Decide, after you complete the mission, how will you escape? And what is your plan if you fail (cover story)? And how would you exploit the situation after you succeed?


Estate Security Learning Points

In the course of running though this mental exercise, you may have concluded that there are several approaches that have a relatively high likelihood of success. These are the MOs that security staff should be especially aware of.

Having explored the intimate details of each approach, you would now be familiar with the specific challenges of each approach. With those challenges in mind, you can strengthen measures or policies/procedures that would undermine the adversary in those instances.

In addition, after you have walked through the scenario, you have a more informed perspective of what anomalies to look for at the various stages of a potential attack cycle.


This was a super basic look at how we can apply red teaming in relation to estate security and executive protection. I highly encourage you to check out those resources that I linked to from the Red Team Journal!

Thanks for reading!

PS: Did you miss the “Estate Security Hacks” 21-Page PDF that I published? —Access it here.


About the EP Nexus Blog

The EP Nexus executive protection blog, is a comprehensive resource for security professionals involved in executive protection, protective intelligence, threat assessment, and related fields.

Launched in March of 2016 as a resource for executive protection professionals, command center gurus, and close protection know-it-alls, EP Nexus is quickly becoming a resource for those seeking to quench their thirst for executive protection reading.

The most popular section of the blog is Executive Protection HacksEP Hacks is a series in which we address complex topics (one topic per issue) in a convenient collection of tools & writings. I am actively collaborating with industry leaders to produce future issues. If you're interested in taking an active approach in moving your industry into the future, contact me below.

Outside of EP Hacks, I explore the following topics in writings, tutorials, and webinars: online tools for executive protection professionals, open source intelligence investigations (OSINT), threat assessment, protective intelligence, travel security, and more.

Sign up for the newsletter to receive premium content and monthly updates.