Red Teaming, Estate Security, and Executive Protection

Continuing the series on estate security in executive protection...

Preface: Part of the experience with EP Nexus, is shedding light on important security concepts that are often cloaked in puzzling jargon and newly minted buzzwords―then providing you with primary sources to study for yourself, and explore the ideas on your own terms. No one needs to have worked in government, or earned an advanced degree to practice the ideas discussed in this post. In fact, the $12/hr guard that checked my backpack at Disneyland this weekend could easily apply these ideas, and we’ll be safer for it.


“The enemy is a very good teacher.” ― Dalai Lama XIV


It’s a cliche to say that practicing effective executive protection requires one to think like the adversary, but this cuts to the heart of security.

Assessments are the foundation of every security operation because they seek to identify and disrupt potential avenues that the adversary may take. And by putting one’s self in the shoes of the adversary, one can understand, in intimate detail, what steps the adversary would need to take to successfully aggress against an executive.

Again, with terrorist attack cycle?

The most important idea to take away from the attack cycle is this: the adversary is vulnerable to detection during the planning phases (marking a target, collecting intelligence, conducting surveillance, obtaining resources, rehearsing the attack, etc.).

Here’s an oversimplified view:

→ Successful attacks require information about the target.
→ Information about the target found remotely is severely limited.
→ Surveillance and further fact finding in person is a requisite.
→ The adversary is vulnerable to detection during their surveillance and fact finding, since they need to be within eye-sight of the target (generalization)

Defining Terms

"Defined loosely, red teaming is the practice of viewing a problem from an adversary or competitor’s perspective. The goal of most red teams is to enhance decision making, by challenging assumptions, specifying the adversary’s preferences and strategies, or by simply acting as a devil’s advocate." (Source: Red Team Journal)

The Red Team Journal has an awesome set of resources for you to learn more, whether you're a red team novice or an experienced professional. Check it out below, you won't regret it:

Below, I illustrate a benign red teaming scenario and then highlight how it would help us as executive protection professionals. (This is only an example, I urge you to create your own, better scenario!)


Scenario #1

*This is mean to be more of a thought experiment, not an exercise or drill to be executed*

Suppose you are the adversary, and your goal is to place a pink post-it note with the word “Boom” on the executive’s home computer monitor. Yes, this is a semi-benign event. But, it would require you, the adversary, to walk though every step of the attack cycle.

  1. Select target (COMPLETE)
  2. Gather intelligence & conduct surveillance
  3. Get resources (COMPLETE)
  4. Execute
  5. Escape
  6. Exploit

Tasks to Be Completed

  • Identify what information do you need to complete your goal: personal info, address, security measures, vulnerabilities, potential modi operandi [yes, that's the plural form of modus operandi (MO)]
  • Decide how you will collect that information: remote, in-person, though a surrogate, etc.
  • Decide how you will conduct surveillance of the location without being burned: where is an optimal "perch" to conduct your surveillance from, will you be fixed or mobile, should you use a drone, etc.
  • Construct a cover story, in the event that someone questions you during the surveillance.
  • Following the surveillance, decide on a method for executing your mission: get access, evade or deceive security, etc.
  • *Resources for this mission are not an issue (post-it note + sharpie); that purchase won't raise any eyebrows at Walmart.
  • Determine if it feasible to conduct a rehearsal of the mission? If so how will this be conducted?
  • Decide, after you complete the mission, how will you escape? And what is your plan if you fail (cover story)?

Estate Security Learning Points

In the course of running though this mental exercise, you may have concluded that there are several approaches that have a relatively high likelihood of success. These are the MOs that security staff should be especially aware of.

Having explored the intimate details of each approach, you are now familiar with the specific challenges of each MO. With those challenges in mind, you can strengthen measures or policies/procedures that would undermine the adversary in those instances.

In addition, after you have walked through the scenario, you have a more informed perspective of what anomalies to look for in the various stages of the attack cycle.


This was a super basic look at how we can practice red teaming in relation to estate security and executive protection. I highly encourage you to check out those resources that I linked to from the Red Team Journal!

Thanks for reading!

PS: Never miss an article by signing up for the EP Nexus email list—Click Here.