We invited Pablo Ortiz-Monasterio, one of Mexico’s most prominent faces in executive protection, to discuss security driving training. In fact, he shares some of the most eye-opening insights into the everyday skillset that every driver must have!
Pablo Ortiz-Monasterio, AS3 Driver Training
The problem with many security drivers is that they imagine training has to be exciting, like in the movies. As a result, they get bored with their security driving training, as they feel that they are only doing the same things every year.
In the same vein, they don’t want to repeatedly do the same old boring stuff. Sometimes, they complain to the boss about not being taught how to crash cars and push through an ambush. They call it offensive driving.
Many of our clients have brought up the issue of learning full-contact driving and how to push through an ambush. The problem is that, as trainers, we would be doing them a great disservice. At one point, a car manufacturer asked us to do this on brand-new vehicles, and we know for a fact those techniques don’t work anymore.
The way we were doing this was by working with 1975 (old) cars. They were sturdy. They would hit, hit, and hit, and nothing would happen to them. We even had one that caught fire once. Then, as we extinguished the fire — it still went and still hit a couple of times more.
We have had some cases since we stopped doing it that a company decided they wanted their drivers to learn how to crash in their security driving training regardless of our warnings, so we would either do it or we would lose the contract. And sometimes, it comes to a point where we must choose whether to do it or lose the contract. So in some cases, we have done it, of course, but always being very clear that we are teaching an obsolete skill.
Ramming
We had a situation that was not a high-impact attack. It was not a hit. The attackers wanted to stop them for some reason. But, of course, the principal’s entourage was driving a brand-new Audi SUV. The driver decided that the right way to react to what was happening — because the attackers were closing the way in front of them — was to ram them.
What happened?
The moment he had rammed them, airbags came out, and the car shut down. The motor shuts down because the cars are designed to save your life and not to crash through an ambush. So the car stops the flow of gas to the engine, and now they are stuck.
In this particular situation, they start shooting at them because they’ve raised the level of violence. And they are stuck. There is nowhere to go. The car won’t turn on until the sensors are sure there is no fire hazard. (In other brands, the mechanism is different.)
For sixty seconds, they shot at them. Fortunately, nobody was killed. They actually got what they wanted, which was a backpack with money. How they knew that is a separate question.
Different Options for Security Driving Training
At the end of the day, it would have been a lot easier if they could have stopped and given them the bag. Or, if they did shoot at them, perhaps not crashing into the barricade to get out of it would have preserved the vehicle, they would not have raised the level of violence, and they would not have provoked the shooting against them, which could have ended their lives. And they would have still lost the same amount of money.
Or what if there was another option? Another exit? If the driver was a little more aware, he might have seen that coming and actually done something before they got into that situation.
You cannot change how your vehicle will behave (messing with the vehicle’s CAN is a considerable liability). The only thing you can do is change the way you train. To incorporate these new technologies, new situations, and new challenges into your everyday driving, and your everyday skills. In fact, security driving training is only one piece of the puzzle.
Now we know you need to avoid obstacles because the car will break down. After all, it doesn’t know that you’re being chased, shot at, or something else.
I spend a lot of time traveling, specifically overseas. Transitioning from a large government agency that provided and managed everything I needed during protective travel to a public sector position was eye-opening when I no longer had those resources. Thus, here we will discuss travel safety!
Fortunately, I still had a vast network that had made the leap before and was very helpful in pointing me in the right direction. I’ve said this before because it’s still true: ALL protection is based on the threat. Similarly, conducting a thorough protective advance will make or break a visit.
Understanding what is needed during an advance can fill a book and takes years of personal training and experience. Still, considerations for travel safety should be the common vein that flows through everything you do during your protective visit.
Travel Safety Starts With YOU
It’s easy for executive protection professionals to sometimes forget that travel safety isn’t just for your employer. It’s also for you! You’re a big tough protection agent, and safety is your job. So, you don’t need to worry about it… right? Wrong!
I no longer have a “God” pin. Even when I wore one, I never felt it physically protected me. On the contrary, I always considered personal safety in everything I did, especially during my travel. Having done hundreds of trips over a long career, I can say firsthand that anyone that travels can be a victim of a crime or other nefarious activities.
A random act could negatively impact your safety and the security of those you protect based on:
opportunity or
planned targeted attack.
And your job is to prevent it! So when conducting your advance, always consider who is watching you while you’re doing it.
Due to limited resources, most EP advance teams don’t have the luxury of having a countersurveillance team covering their backs during planning. To fill that protective gap, education is critical.
There is an excellent course offered by the Arcuri Group that provides exposure to the science behind situational awareness. The training and subsequent certification are directly applicable to travel safety for EP. Hence, I encourage you to look at it.
Historical Files
Before you step foot on a plane, you should research your destination for travel safety information.
It begins with historical files your team has collected from previous visits to the intended region or site.
Most operational EP teams that travel frequently have a shared database with all collected documentation on active and completed protective visits. These files are invaluable in reducing your advance work by providing contacts and safety information from previous visits.
Want to know which company provided an armored vehicle service on a visit or the name of the building engineer for a specific hotel? Check the historical files!
Need a phone number for the regional security officer or the hours for the hotel gym? Check the historical files!
Suppose the specific travel safety information you’re looking for isn’t in the historical files, or you need updated information because it’s changed over time. In that case, your pre-advance research allows you to identify the travel safety information you need before you leave.
While it may seem unimportant in overall travel safety planning, small details matter. If your advance can provide solutions for the small details, it means you did your homework, and the big details were covered. Historical file review provides a solid starting point for travel safety and allows time to work out the finer details of your protective advance.
Available Online Travel Safety Resources and Apps
Corporate EP teams are slowly moving away from security operation centers (SOCs). These are expensive and, in some cases, completely cost-prohibitive. Today, online resources and privately managed security platforms that provide real-time geolocated intelligence information and apps are commonplace in EP operations.
For example, companies like Ontic, International SOS, Dataminr, and Samdesk all offer contract services that provide proactive and timely information directly to your mobile device. In fact, they alert you to critical safety information during a protective visit.
Having an alert sent to your cell phone informing you of an issue related to your intended motorcade route before the problem impacts you is worth its weight in gold. The added benefit is you can use the same applications for travel safety research before your visit. Observing crime, weather, political, and even traffic information for your intended visit location helps you connect the travel safety “dots” before you enter the protective environment.
The US Department of State’s Overseas Security Advisory Council (OSAC) is another significant free resource for travelers and includes travel guidance and regional and country-specific security reports. Knowing the geopolitical and social environment of a prospective visit location directly supports your overall advance results.
Another free application, Geosure, offers timely safety information using a numeric score (1-100) from trusted data sources for travelers worldwide. Executive protection teams use all the above resources in completing analytics for their risk and threat assessment before and during protective travel. Still, they now have the luxury of instantaneous mobile notifications when the threat picture changes on the ground.
Digital Security Awareness in Travel Safety
Whether it’s financial, politically motivated, or activism-related, every protectee you have, has been, or will be the target of a cyber-attack. Attacks vary depending on the target but commonly include:
impersonation,
business email compromise,
cyberstalking,
electronic death threats,
social media account takeover,
cell phone hacks,
online hacktivism, and
propaganda campaigns.
EP professionals protect people physically, but they also must protect their reputations. Therefore, EP companies must now incorporate other security measures beyond physical if they are to be relevant in the future protection landscape.
Limiting Data Leakage
As it relates to travel safety specifically, there are simple steps EP teams can take to protect themselves and their employers.
True, physical control of your electronic device is always important. Yet, you must also practice good electronic security habits to ensure data is secure — or at least as safe as possible.
The first question you should ask your protectee regarding electronic device travel safety is: “Do you really need to bring it?”
The answer will almost always be: “Yes.”
If your protectee absolutely needs it — and most think they do even if they don’t — can you use available resources to limit data leakage? It begins with educating your protectee on digital travel safety before you leave.
Ask your protectee to back up sensitive data before the trip on a separate device they aren’t taking with them. If a device is compromised and/or data is lost, stolen, or locked during the trip, your protectee will have the data secure and available elsewhere. And you just earned your paycheck.
Enable password logins on start-up (Bios) and ensure solid passwords for all mobile devices, applications, and social media accounts.
When possible, utilize multi-factor authentication for device access.
Establish an international calling plan and secure WiFi before you leave through your established cellular service provider.
Blocking Unwanted Signals
Get in the habit of using Faraday Bags for cell phones. The bags block digital signals to and from the device until they are needed.
It acts like a handheld SCIF.
Wait to turn on your phone after you land. Wait until you are 10-20 miles outside the airport before connecting to the local network, and use VoIP if the call is sensitive.
Never store your passwords on any electronic device you’re bringing with you.
Never use gifted, locally purchased, or loaned power cables, cubes, external storage, or USB devices. If you didn’t bring it with you, don’t use it.
Turn off all geolocation services on your protectee’s devices, including the camera. Numerous online companies offer resources to track cell phones based on these services.
Encrypt any sensitive information that would cause personal damage if lost. If you wouldn’t show it to your mom, lock it down.
Ensure your operating system is fully patched with the latest security updates before departure.
Ensure anti-virus, anti-malware, and anti-spyware protections are updated before departure.
Update your web browsers and implement strict security settings before you leave.
Ensure you direct your protectee to disable auto-connect for WiFi and Bluetooth during the visit.
Disable wireless device-to-device sharing, such as AirDrop on iOS and/or Nearby Share on Android.
Use a Virtual Private Network (VPN) on all internet devices.
Limit online and social media postings reflecting your travel until after you return.
Have copies of travel documents and passports saved online in a secure mailbox or encrypted travel vault.
Consider using Apple AirTags for baggage and anything of value, including purses, computer bags, and luggage. AirTags can also be used for personal tracking if your protectee needs “space” and loose protective coverage.
When using EMV Chip cards, always protect your PIN from view and avoid using ATMs altogether.
Travel Like a Gray Man or Woman
If you’re like most EP professionals, you have a “few” more tattoos than the excessive alcohol, and that trip to Mexico can excuse and are considerably larger than most humans worldwide.
YOU STICK OUT, to say the least, and holding your hands in front of your body at waist level while walking screams “security.” Add that to the logos on your clothing, and your overly confident “A type” behavior and “blending in” require diligent work. In some work environments, it’s expected that you dress the part or at least dress like your protectee.
Today, attire has as many differences in EP as the people that work in EP. I used to know what business casual was, but that was many years ago before jeans were acceptable in the workplace. If you’re in the industry, you’ve seen the recent push for “covert protection” rather than the standard overt protection we all practice.
Several workshops and schools now offer training in the “Gray Man” ideology for protective coverage. I’m not there yet, but I understand the principle of having a countersurveillance background. Gray Man Theory isn’t a new idea by any means despite the recent interest in the methodology.
Social Camouflage
Gray Man Theory is based on the science of human recognition and the Reticular Activating System — the part of the brain that responds to anything that stands out.
Our brains have evolved to categorize stimulus over millions of years of learned survival by limiting the flood of information it recognizes by forcing “normal” into the background until the RAS is stimulated. Once something “stands out,” our brain instinctively recognizes it as “not normal.”
Concerning protection, the principle is that becoming a Gray Man or Woman provides you with social camouflage to appear as though you are just part of the normal “non-threatening” environment.
The idea is to conceal the fact that you are prepared for a threat. It’s important to understand that your foe is also employing the same Gray Man techniques you are. They are actively attempting to appear average and non-threatening until they can attack.
Understanding your environment will help you blend in and aid you and your team in providing protective coverage while also remaining invisible to any threat. The counterargument to Gray Man Theory is that your mere presence prevents attacks.
There are positive points for both; the coverage should be situational and change with the threat environment.
Regardless of which side of the fence you fall on, you should try to blend in and continually look for countersurveillance when conducting your protective advance. I’m not saying you should wear local traditional clothing. But, losing the Tony Lama’s and Nine Line T-Shirt and gray down a bit Tex would be in your best interest.
Need help with how to dress? Muted colors and clothing without logos or script are always a good bet.
The Sauna Threat
Recently I was in Scotland.
I was in the hotel gym a few days before my protectee came into town. During that time, a famous rapper — who had private EP security — was also in the gym. I say “famous” because if I knew who he was, trust me, everyone does. On that occasion, I wasn’t wearing anything “military” or “former agency” related (always a good idea). After my workout, I went to the sauna.
The rapper followed me into the sauna a few minutes later while his EP guy stood awkwardly outside next to the door.
I employed Gray Man behavior by not making eye contact and acting non-threatening. It was easy to do with a towel around my waist. I considered the optics and tactics used by the rapper’s security and wondered if there were other ways to handle the coverage. And if I’m talking about you personally, please don’t take offense.
There are always different ways to provide protective coverage. Yet, I wondered if standing outside of a sauna door drew more or less attention to the protectee.
Outside of a medical condition I was unaware of, was there an actual threat in the sauna? What are the chances an attacker would know the protectee would be in the sauna? My point to this story is Gray Man Theory works for both EP and the protectee.
As mentioned earlier, less visible and covert security may be the appropriate choice in limiting unnecessary attention for your protectee.
Travel Safety in a Social Environment
It’s unlikely your protectee will stay in their hotel room for the entirety of a trip. At some point, they will leave the hotel’s relative safety and venture out into the public. As stated earlier in this piece, you are also expected to protect the reputation of your protectee.
If you need a good horror story on bad protectee social behavior abroad, there are numerous examples from the Hollywood set in EP forums online. Some personal client behavior is so egregious that well-established professional agencies don’t accept protective coverage.
But let’s assume you have a “normal” protectee with “normal” social interactions while traveling. You should be aware of safety concerns that may bring unwanted attention and reputational degradation to them in social settings. In fact, social media has increased that risk exponentially.
Security Applies to Everyone
Remember that you are a protection agent, not a drinking buddy. That means you can still be cordial. However, it does mean you’re working, and there is a clear line you can’t cross professionally. You have one job and can’t do that while socializing with your protectee.
You will likely be in an unfamiliar place. So, be aware of your surroundings and ensure you have previously reviewed all the US State Department “Security Concerns” published in the Country Security Report for the location you are at. These detailed reports cover:
general crime,
kidnap threats,
terrorist threats,
protest and demonstration activity,
health concerns, and even
law enforcement concerns.
These reports are provided to help travelers “avoid” problems before becoming an issue. In addition, during my time with the government, I received numerous travel safety briefings from regional security officers in embassies around the world upon arrival in “their” country.
The briefings were very specific because some unfortunate citizens had fallen victim to the scheme or crime we were being briefed about. They didn’t want others victimized during the visit. Crimes were wide-ranging and included everything from professional pickpockets to Honey Pot schemes.
The Cute Young Lady
In every instance we were warned of, simple situational awareness and caution were vital in avoiding being victimized in social settings.
That cute young lady that just asked you to buy her a drink (which you later discover costs USD200.00 in cash or the bouncer will beat you senseless) should be a red flag because you aren’t that good-looking (even overseas) — and nothing is free.
Despite the warnings, there was always one person who didn’t think safety briefings applied to them personally. This led to them later suffering the unfortunate consequences of becoming the subject of a new safety briefing themselves.
In EP, those consequences could end up displayed on Apple News or TMZ. Use the training and experience you have to recognize and identify problems before they occur and step in when needed.
Know Where and How to Get Help
Surprisingly, motor vehicle accidents are the top cause of death and injury of US citizens abroad.
While EP tends to focus on the physical protection of a protectee, there is a much greater likelihood your employer will suffer a medical emergency or an accident in your care. For example, it is not uncommon today for executives in Fortune 50 companies to travel with doctors. Additionally, most Fortune 100 companies require EP employees to have at least an EMT certification or higher.
Medical attention becomes even more important when traveling outside your known medical system. For instance, a Level One Trauma Center in many parts of the world would not qualify as a Level Three Trauma Center in a developed country. Private medical practices are also very different from socialized medical systems.
EP should begin their medical travel safety by submitting a medical questionnaire to their prospective employer before the trip.
Do they have medical conditions you should be aware of or require prescribed medication?
Are sufficient amounts of medications being brought on the trip
Where are those medications in the event of a medical emergency?
EP agents should know full medical histories and advance directives. This helps if a protectee is incapacitated and information needs to be relayed to a doctor.
Further, the hospital advance and hospital routes may be one of the most important pieces in any protective advance. For example, having the number for the nurse’s station at the ER entrance may seem unimportant until there is a medical emergency. And you need to call them for notification as you’re en route to the hospital.
Other Emergencies
Besides a medical crisis, EP advance agents should consider where they intend to go and what they intend to do for other emergencies. Outside of targeted violence, the most common threats to consider are
natural disasters,
geopolitical/social instability, and
infrastructure failure.
In all cases, communication is key in developing and completing a planned secure evacuation of your protectee. Your plan may be to get to the airport and get airborne ASAP. But that requires reliable communications with your aircrew, as planes don’t just leave when you show up.
Your plan may be to evacuate to a safe haven like the embassy. In whatever plan you develop, communication is an integral part of achieving the safety and security of your protectee. Thus, your protective advance should always consider a wide range of emergencies and plans for effective communications.
You’re Not on an Island ― and Standards Are Coming
You spend untold hours considering every bad scenario that could occur and then develop a plan to counter it. You know every exit, entrance, route and consider what is available for use as a weapon in every room you enter.
Every person within arms reach and beyond is a suspected threat until they aren’t. Your operational level of paranoia would frighten most people. So instead, you memorize statistics that don’t come up in polite conversation:
with 77% of the attacks being successful or fatal.
The adage that “no one loves a warrior until the enemy is at the gate” is true, but you are needed more now than ever. Regardless of where you came from and why you chose this career field, it is essential to understand you aren’t alone and everyone wants you to succeed.
According to current statistics, there are over 14,000 registered private security agencies and schools in the United States alone. The makeup of staff and personnel in those agencies is as diverse as you could imagine. Training is likewise just as diverse.
Doing the Right Thing
Currently, there are EP agents working in this industry after completing a three-hour ASIS certificate with no prior experience standing next to career professionals that worked at the highest levels of executive protection in the government. There are also just as many opinions on “how it’s done right.” Just read any EP post on LinkedIn.
Regardless of your personal background, everyone is counting on you to do the right thing when bad things happen.
Congratulations, you just bought your first XSuit and got a fresh haircut. Unfortunately, all show and no go don’t work in this field.
If you don’t understand the fundamentals of protective operations, when the bell rings, someone will get hurt. “You don’t know what you don’t know” is a much more powerful statement nowadays.
A New Guard
The good news is the sun is rising on a brighter future for EP as a career. Within the last few years, a new guard of professional leaders in the EP industry has broken through the previously held stranglehold, which prevented standardizing EP in the United States.
The Board of Executive Protection Professionals recently began the important task of creating a new American National Standards Institute (ANSI) standard for the EP career field.
ANSI is the private non-profit organization that oversees the development of voluntary consensus standards for:
products,
services,
processes,
systems, and
personnel in the United States.
The organization also coordinates US standards with international standards.
Since the beginning of this critical work, other security organizations have rushed to market with products and services to collect money before the ANSI Standard sees the light of day in the coming months.
EP training academies and schools throughout the United States will eventually be unified in their training methodology and curriculum. The reason? It will be based on an established professional standard accepted by the entire industry.
While this new standard will cover many EP areas, you can be sure that the topic of travel safety will be part of it.
Pakistan’s former Prime Minister survives a shooting attack at a political rally this Thursday. Imran Khan was wounded in the leg following a wave of gunfire hitting his convoy. What’s more, one person was killed and several others injured during this protest march in the eastern city of Wazirabad.
The former politician was taken from the site he marched calling for early elections and shipped to receive treatment in Lahore. Mr. Khan is in stable condition. However, reports claim an operation is highly likely.
According to the police, they detained a man suspected of firing shots at the rally. Furthermore, police reveal that the suspect was arrested with a 9mm pistol and empty magazines.
Moreover, Pakistan’s Ministry of Information released a video confession of the unnamed man suspected of orchestrating the attack. The conditions under which they carried out the interview are unclear. As a matter of fact, certain politicians are accusing the Pakistani government of being “directly involved” in the attack.
Still image from a video showing Mr. Khan being assisted after the attack
No official comment on the motive for the attack has been released. Nevertheless, Imran Khan’s party hails the ordeal as an assassination attempt.
The Ordeal
Video footage from the scene clearly shows the circumstances under which the former Prime Minister survives a shooting attack. Mr. Khan and his supporters stood on shipping containers playing music and shouting from the loudspeakers when gunfire abrupt.
Another video shows the former politician ducking while those around jump to cover him. Later, a conscious Mr. Khan appears with a bandage on his right leg as supporters carry him to a vehicle.
Likewise, one Pakistan Tehreek-e-Insaf (PTI) party member is seen with a bloody face and clothing, while another close ally of Khan received a wound to the head in the attack. There is no official release of the names of the victims.
In a statement on Twitter, the Chief Minister of Punjab province, Chaudhry Pervaiz Elahi, claims “we want to know who is behind the incident, which people trained the accused, what is the thinking under which this boy was prepared, how much money he got, where did he get it from.”
Unfortunately, Pakistan has a long history of deadly political violence and no experts see it coming to an end any time soon.
In executive protection, the transmission of messages can either make or break any assignment for security practitioners and principals alike. Therefore, this article examines the pros and cons of some of the most secure messaging apps in 2023 — and beyond!
Protectors share sensitive information, discuss business, or do other significant things all the time. That implies they need to be able to do so without a third party watching them or surveilling their transfer of data.
The same applies to their protectees, whether they are the primary principal, entourage, or personal assistants. In light of countless security breaches, it becomes even more paramount to secure communications between everybody who has access to vital information, including routes, schedules, and plans.
To that effect, this in-depth guide will help you better decide on choosing the most secure messaging apps in 2023. In fact, we will judge each as per the following criteria:
ease of use, customization, and ubiquitousness,
basic and advanced features,
free or paid plans, and
trust of users and data breaches.
Over the years, messaging apps have expanded to include features like sharing images, documents, texts, contact information, and conferencing. We wouldn’t dare to speculate what’s to come, but we can only hope it will include more remarkable and sought-after features — as well as a more secure environment.
Overview: Most Secure Messaging Apps in 2023
Most of the apps we are about to present are open source, which means that they are subject to the community’s interventions and inspection.
At any rate, when you download the next app, you should ask yourself the following: Who runs the app? Startups or big corporations? Do they depend on donations and funding?
The answer to these questions will tell you a lot about the possible intentions of the people behind the curtains. Ultimately, what you want to get is that only the sender and recipient can see the message and not anyone else in between. But more on that later!
Without further ado, let’s jump to talking about the most secure messaging apps in 2023 and beyond!
iMessage
Number of users: 1,3 billion
Apple’s instant messaging service functions exclusively on the company’s platforms, including macOS, iOS, iPadOS, and watchOS. Android and other users will find this discouraging. The reason? In regions like Europe, Android is the operating system for around 70 percent of European mobile phones.
On a more positive note, one of the first apps to introduce a fantastic feature, iMessage allows its users to decide how long a message can stay in a chat and how many times the recipient would be able to view the message. It may seem odd at first, but this is one of the best security-related arguments for the app, which appears to focus heavily on privacy.
Since it’s been around for more than a decade, the app boasts powerful features in terms of design and ease of use, making sharing stickers, emojis, GIFs, and other media seamless. In addition, it has no paid plans, meaning it’s free for use.
However, Apple is the key controller. In other words, if it comes under attack by hackers, the messages contained in iMessage could be quickly revealed. Thus, cloud backup options are not the strong suit of this security-focused app.
Silent Circle
Number of users: tens of thousands
Perhaps most relevant for EP companies, Silent Circle is an app tailored to the needs of high-profile individuals. In our context, these are the principals and their family members. In fact, it allows its users to make and receive calls from landline and mobile numbers, which could come in handy during security assignments in Africa or Latin America.
Expectedly, the app has end-to-end encryption capabilities, where encryption keys are held by subscribers themselves — not the company. Similarly, Silent Circle uses a feature called “burn timers” to automatically edit messages after a customizable period.
Interestingly, it enables multiple calls at once through a segment they call conference manager. Perhaps one of the most exciting capabilities is that it lets you know when your messages are delivered and when the recipients read them. On a different note, it is available on iOS, Android, and on the company’s Blackphone.
As for their paywall, Silent Circle requires USD10 per month per user. Another downside is the fact that you can’t send Desktop messages, but only use the mobile version.
Wickr
Number of users: 12 million
Wickr finds itself among the most praised on our list of the most secure messaging apps in 2023. It’s an app that utilizes Perfect Forward Secrecy with the support of Two-Factor Authentication. They don’t ask you for a phone number, email address, or other personal details during registration.
Unlike many of its competitors, users and security experts consider it more of a collaboration tool rather than a private chat messaging application. In fact, it allows you to share
screens,
locations, and
online statuses, among other things.
And even if it comes under attack by hackers, Wickr servers cannot leak user communications. In fact, the app owners claim they are “undecipherable in transit and deleted upon delivery.”
Another positive aspect of the app is that it is available for iOS, Android, Mac, Windows, and Linux users.
On the other side of the coin, Wickr is a costly app with silver, gold, and platinum plans, depending on your needs and team size. However, the basic, free version allows for up to 30 users and 30 days of data retention, which might be enough for some EP teams.
WhatsApp
Number of users: 2 billion
Predominant among the most secure messaging apps in 2023, WhatsApp has the ability to make disappearing chats the user’s default. With end-to-end encrypted backups, it can even transfer your chat history from iPhone to Android. With plenty of unique features, it is still one of the most ubiquitous ways for people looking to send and receive messages securely.
In addition, it’s available on the web and desktop, and it can run on Android and iPhone operating systems. All this makes it likely for users to choose it, especially when people from one end of the world cooperate with others who don’t have the same operating system or device.
Disappointingly, WhatsApp requires your phone number during registration. Also, Facebook owns it, which sounds daunting when we consider the 2021 security breach when hackers stole data on 533 million of the platform’s users.
But things weren’t always this gloomy. In fact, Facebook bought WhatsApp in 2014. After the purchase, the famous social media owners promised they wouldn’t monetize the app. However, they reneged, making WhatsApp founders leave and co-found another of the most secure messaging apps in 2023 — Signal.
Silence
Number of users: tens of thousands
Among the pioneers of encrypted SMS messaging, Silence is an app that is trying to do something many have avoided. It’s an open-source Android app that uses the Axolotl encryption protocol and applies it to telephone-based SMS. Although Signal tried to build SMS/MMS secure messaging in 2015, the company abandoned its efforts as it thought it wouldn’t be able to deliver on its promise in full.
On that note, Silence works as any other standard text messaging app. It allows you to send text messages to your contact through SMS, with the option to send encrypted SMS messages to other Silence users. In fact, founders claim that users don’t require any servers or internet connection.
Worryingly, however, the app seems to be last updated in 2018 on the Google Play store, with no iOS app in sight. In addition, many have complained about its outdated look.
Dust
Number of users: more than 100 thousand
Probably the only one with this option on our list of the most secure messaging apps in 2023, the Dust app has a built-in stealth search tool for maintaining privacy when you search the web.
Another cool feature is that it notifies you as soon as somebody takes a screenshot. As a bonus, data breach alerts sound as soon as the app suspects something’s off.
With end-to-end encryption, Dust is set not to display user names in messages, while one contested feature is that it has no chat history.
Reminding users of apps like Snapchat, messages on Dust disappear within 100 seconds after being read and within 24 hours if the recipients don’t read them.
In any case, it is available on Android, iOS, and Windows platforms, with many reviews claiming that the interface seems impressive.
Voxer
Number of users: tens of thousands
Like other apps, Voxer uses Signal’s protocol to make its encryption safe and sound. However, it focuses heavily on voice messages, which makes it a kind of walkie-talkie or push-to-talk device. Thanks to voice-to-text capabilities and group chats with up to 500 team contacts or individuals, it certainly seems impressive.
Nevertheless, unlike a typical walkie-talkie, you can hear messages as people speak or listen later when it’s suitable for you. We can already see the application for this among celebrity protection and corporate security teams. For example, during music concerns, conference room meetings, or at embus/debus.
Although it’s free to use, premium subscriptions unlock several features, including
admin controls for group chats,
unlimited message history, and
hands-free walkie-talkie mode.
At any rate, it’s worth checking out due to its simplicity and ease of use. Also, it’s available on iPhone, Android, and the web.
Threema
Number of users: 12 million
With a unique Threema ID key and the NaCl cryptography library, the company assures its users they can use the app anonymously — with no names. In fact, you don’t need to disclose your email address or phone number for it to work.
Another plus is that it’s available on the web, Windows, Linux, macOS, iOS, and Android. Many other most secure messaging apps in 2023 lack this altogether!
Equally important, the app owners claim that “No work is outsourced. Our dedicated support staff ensures consistent high quality and fast response times.” At face value, this seems like a big deal, and it is to a certain degree because most don’t offer this option.
Yet, apart from that, it has few advanced features and offers a single paid plan, requiring USD4 for the app to work.
Unlike Threema for individuals, the Threema Work version offers more capabilities as part of expensive paid plans.
Another downside to the app is that it hasn’t caught on in English-speaking regions worldwide. So unless you speak German, you will probably have difficulty finding other users. (It was developed in Switzerland, hence the priority given to the German language.)
Skred
Number of users: 10 million
For starters, Skred doesn’t require your phone number or email address, and no subscription is necessary. In fact, app owners claim that there is no operator, no SIM card, and no tracking involved in the registration process.
Expectedly, it allows you to exchange data types, such as images, text, sound, music, video — and even software. Unlike some of the other apps that require excellent bandwidth, Skred adapts to any network, guaranteeing speed and transmission quality.
Want to know if your friends are on Skred? Well, the app doesn’t use your phone contacts to detect if your friends use the application. As a matter of fact, they made this feat difficult in the sense that you can only invite people to join Skred by having them scan a QR code from your app in person or by sending them the code through another messaging service.
Offering peer-to-peer and crypted communications, Skred is based on the free, open, and secure technology that goes by the name of WebRTC.
However, users have complained about countless bugs and the lack of a group call feature for some time.
Telegram
Number of users: 700 million
Known for its countless fortes, Telegram is probably one of the oldest secure messaging apps around. Avowedly uncontested with its chat feature of up to 200,000 members, the company is proud of its numerous achievements and receptiveness to public input.
Telegram hosts a hacking challenge when hackers attempt to decipher messages and break their encryption. During the happening, the USD300,000 reward attracts dozens of hackers. This event serves to reveal any potential vulnerabilities, after which the developers work on fixing them.
Further, the app is available on all the major platforms:
Linux,
Microsoft Windows,
Android,
iOS,
macOS, and on
the web.
However, Telegram became infamous at one point when security experts discovered that ISIS terror groups used it. Eventually, one report warned of “a growing cyber threat where hackers use Telegram as a command and control system.”
Signal
Number of users: 105 million
The app that won the most online contests over the years, Signal is the app whose end-to-end encryption protocol was made available to many others on the list of our most secure messaging apps in 2023. In fact, it has become known as the poster boy among the safest applications.
For one, Signal requires no special login credentials or PIN codes unless you decide to create one. It was also among the first to introduce self-destructing messages in 2016, allowing you to change phone numbers while keeping Signal account data intact. They say they are working to fix this issue and become even more privacy-focused.
Besides a beautiful user experience, the app has improved in many ways over the years. For example, instead of collecting them, Signal stores all your pictures, files, and messages locally, on your phone.
Interestingly, both Facebook Messenger and WhatsApp use Signal’s encryption protocol. This information can tell you a lot about how powerful it is in comparison to other most secure messaging apps in 2023.
Compared to other apps, like Telegram, it only allows a minuscule number of participants in group video chats, up to 40. Another con for Signal is that users need a phone number to sign up, which isn’t the case with many apps in this article.
Viber
Number of users: 820 million
Developed by the Japanese multinational company Rakuten, Viber is one of the most ubiquitous and user-friendly apps worldwide. It enables you to send texts, pictures, and video messages, as well as make free calls. In addition, Viber is renowned for creating groups and communities with up to 250 people. In fact, you can call up to 20 people at once.
On the security side, it offers encrypted video and voice chats on major desktop operating systems and mobile devices. Needless to say, Viber is upholding the new industry standard and is secured by end-to-end encryption.
Interestingly enough, every chat within the app is color-coded depending on its level of encryption:
Green suggests the conversation is encrypted, and the contact you are connected to is trusted.
Grey indicates the chat is encrypted, but the contact has not been marked as trusted.
Red suggests there is a problem authenticating the contact.
On the negative side of things, Viber calls don’t have any option for call blocking, unlike others on our list of the most secure messaging apps in 2023. Simply put, you cannot block random or unknown callers. When it comes to using Viber on older versions of the mobile communications standard (3G), the app offers reduced service quality.
How to Choose the Most Secure Messaging Apps in 2023
In an endless sea of apps, choosing the most secure and smooth-working one pays dividends!
In executive protection, safe and seamless communication is everything. So whether you are trying to plan your next security assignment or talking to the principal or their personal assistant to prepare for a trip, you want everything kept right there — between the two, three, or more of you.
If something slips through the cracks and becomes available to the paparazzi or threat actors, it could backfire on the executive protection team and the protectees. As a matter of fact, it could result in dire consequences, including embarrassment, harassment, injury, or death.
Remember the old days as an EP agent with brick/flip phones and printed-out paper maps? If I remember correctly, one of the first Messenger services I used was Yahoo messenger. We have come a long way since!
Smartphone penetration hit over 82% of the US population in 2021.
During the pandemic, usage of messenger platforms like WhatsApp grew by over 40%. However, the rapid growth brought along concerns about security and privacy.
Most “secure” messenger apps have become more business-focused than user-focused by exploiting users and their information for corporate gains. Sometimes without consent. When we message on a centralized platform, we are at the mercy of the corporations’ policies.
Secure messaging as we know it is about to be revolutionized by Blockchain technology. A wave of new blockchain-based messaging apps will soon emerge. Blockchain brings permissionless, trustless, and open-source technology that will eliminate the legacy problems currently seen in messaging applications. As we recently saw with WhatsApp’s E2EE being bypassed from back-up storage on Cloud servers.
Blockchain technology will provide a secure infrastructure for messenger platforms. Everything on the blockchain is encrypted, and the data stored on it cannot be altered. Essentially hack-proof systems with no third-party access.
Blockchain will provide decentralized communication services that will transform users into owners through token-based access and non-custodial anonymous wallets.
Soon the days of using Signal and Telegram are coming to an end, and messengers like TokLok will be the next round of “real” secure communication.
In this article, we tried to explore the pros and cons of the most secure messaging apps in 2023. We don’t want to vilify or recommend any, as EP practitioners and teams will have to find the best fit for themselves, depending on the size and needs of the particular detail.
As a rule of thumb, we recommend using apps with the following features:
Self-destructing messages,
End-to-end encryption,
Ease of use and ubiquitousness, and
No data collection policy.
Ultimately, we urge you to look at alternatives and perhaps even pick paid plans, as it could mean that a company has a vested interest in protecting your data. In fact, they could become liable if something does become revealed to somebody outside the conversation.
Whether you are with your principal in Australia’s outback, in Africa’s cities plagued by erratic driving and armed gangs, or in the suburbs of Latin America, you don’t want anybody listening in on your plans and schedules.
A final word of advice: Invest some time to establish what you need and pick the right app now instead of staying with whatever default options you have built-in!
For our latest edition of real-life scenarios, we invited GDBA’s Senior Vice President, James Hamilton. He was so kind to share two interesting stories with the EP Wired community. They relate to physical positioning and what it means to be near the principal in the most critical and — most mundane — moments.
Without further ado, we bring you a story on why you sometimes need to get coffee for your principal and another on why you can’t fight a rocket with a firearm!
Getting Coffee for the Principal: Story #1
At one point, I was protecting a high-net-worth individual. We were driving in a big US city, and they wanted to get coffee. I thought about it.
They were in an armored vehicle, and I was in the follow vehicle. So I said to myself, “Wouldn’t it be smarter if I went inside, got the coffee, and left them in the armored vehicle? And then we would be on our way.”
Thus, I told the protectee, “Please, stand by. I know what you usually order. I’ll go get it for you.”
I went outside, got the coffee, and came back out. Much later, I saw a colleague who told me: “I saw you getting your protectee’s coffee earlier today. Is that what you all do as bodyguards?”
I replied: “No, actually, what I was doing was keeping them safe. But I appreciate you criticizing me.”
What we at GDBA call that is the theory of controlled spaces. In other words, you keep the protectee in a controlled environment and don’t expose them to an uncontrolled environment if you can help it.
I didn’t know it was called that at the time, but I thought that was the right thing to do — and I did it.
On Exposure
As this was a very HNW individual, the chances of coming up to them, either wanting an autograph or wanting to throw something on this individual, was a thing we had to consider. Why expose them to that environment if you don’t have to?
Now, certainly, if they want to go outside, you have to let them do their thing. But my protectee was completely fine with it, which was very helpful because it saved me a lot of headaches.
Unfortunately, many bodyguards put themselves or their clients in a position of concern where they don’t need to.
I’ve heard bodyguards say, “Well, I don’t get coffee,” or “I don’t deal with dry-cleaning,” or whatever.
There are times when that is the right call. In that situation, with multiple protectors and multiple vehicles, that was the right call. I wouldn’t change a thing, and I’m glad I did it.
Back then, I just didn’t know that what I did had a name.
The Warzone: Story #2
I was with a government official in a warzone, and you might assume whether it was Iraq, Afghanistan, or one of the others. But, the plan was to take this official to a building and up onto a roof, where we did not control the surrounding high ground. So, it was a very unfriendly environment.
My intuition said: “Don’t do this!” But I wasn’t the advance agent. I was on body coverage (AIC). And when I got to this location, they told me what the plan was. But I was like: “Why are we doing this outside on a roof? Why don’t we do it here, in the conference room?”
When we got to the roof, we were there for about 10-15 minutes. I got pretty close to the protectee because I knew that, if something bad happened, I needed to move him. I was thinking of a sniper or something like that.
At one point, a rocket came from the high ground and hit pretty close that I heard it. We all scrambled to get off the roof. The key point for you is you have to be physically positioned close enough to the protectee to be effective. And I was. I was able to grab him and take him down the stairs and get him to safety.
Manhandling the Principal
The protectee didn’t think the rocket was that close and might not have been like in the movies, but it certainly was close enough for me. So, he was angry because I manhandled him. But it was what I needed to do at the time. I don’t regret it. I do regret going up there. My intuition advised me against it.
However, I let others override that. Obviously, the protectee gets a voice and a vote, and he would have probably overruled me.
Looking back on it, I guess it could have been worse, but I’m glad I reacted the way I did.
At that moment, there is no upper management to complain to. It’s just you and the principal. So, the best thing to do is to say, “Okay, I’m going to be close.” Because, a lot of times, they say: “I don’t want you that close to me.”
In that situation, I said: “We shouldn’t be up here.” But he stated: “We’re going to do it.” And then I responded with: “Okay, I’m going to be close.”
Closer than he likes, probably. But I have to be close, and this is what I mean by physical positioning. You have to be close enough to actually cover and evacuate, to grab him and move.
On Effectiveness and Physical Positioning
As a protector or bodyguard, you could give too much space, and then you are not effective at all. Our company has an analogy that says: “You are being paid to prevent a layup, like in basketball.” Then, you have to be on the court. You can’t be in the stands.
Unfortunately, I see many protectors who are in the wrong position. In America, they think they are just going to shoot the problem. Well, in my situation, you can’t shoot a rocket.
In most incidents, when somebody runs up on stage to disrupt a speech or something like that, you’re not going to shoot that person. If pulling a gun is your only response, I’d say you don’t really understand what you’re doing.
There are certainly times for firearms. Yet, my experience has been that physical positioning is what makes or breaks a successful detail in the field. Not residential protection, not office protection where you are supported by technology and other layers of protection. In the field, your mental acuity as a protector and the physical positioning are really the secret sauce. Think Jerry Parr.
Security is often seen as something done ‘to’ people rather than ‘for’ people. Despite the progress, it still struggles to be seen as the profession it is. In fact, those involved are not perceived as the respected professionals they are. Along these lines, a celebrity PR campaign comprises one of those struggles.
When looking after people in the public eye, their PR team, their lawyers, and their management team are perceived as more important than the security team employed. In some cases, despite the experience and skill set, the security professionals are still told what to do by the principal. Most worryingly, their advice is rarely sought.
This is, of course, frustrating. But, more importantly, it is a dangerous position to take.
To that effect, let’s take the recent article by the British pop star Rita Ora.
PR Campaign Gone Wrong
For context, once a favourite of the popular media, she fell foul of them when she was caught having a very public party during Covid. As a result, she left the UK and tried to rebuild her reputation from afar. Having recently returned to the UK, a PR campaign has ‘spun’ into action.
This PR campaign included giving a 12-minute video tour of her GBP7.5million, Grade II-listed London home to Architectural Digest. That article was then re-published to The MailOnline in the UK, which has roughly 24.7 million monthly visitors.
In that article, Rita Ora identifies a ‘Blue Plaque’ outside her home. A Blue Plaque is a permanent sign installed in a public place in the UK and elsewhere to commemorate a link between that location and a famous person, event, or former building on the site, serving as a historical marker.
When we look at this PR exercise from a security perspective, it generates several significant and some permanent security risks.
The primary issue is that Blue Plaques are all registered, so that a simple Google search will give you the full home address of Rita Ora. She cannot take the plaque down or change her address. She has now publicised exactly where she lives.
Next, we are treated to a video tour of her home, including her pointing out highly valued bespoke art pieces.
The Panic Room Revealed
The article provides further links to other articles in which we find out that within the plans for the redevelopment, there is a panic room.
Further images published highlight exactly where the security cameras will be located.
In this example, pretty much every security issue that should be kept private has been published. Doing so hugely increases the risk to her and possibly compromises her insurance.
I suspect this has happened because the security professionals are not included or considered intrinsic to her team. This may be because they haven’t proven their worth or perhaps because they have been kept at arm’s length.
Red Flags Everywhere
This is a critical error. When working with any team looking after a person of prominence, power, or significant wealth, the security team must be included in all plans, whether:
PR,
Promotional or
Otherwise.
They must demonstrate from the outset that they are professionals that add value and have relevant knowledge.
Security professionals are not expected to be experts in everything. But they must show that they have an awareness of the broader security implications, especially for a PR campaign.
The publicity attached to the article will be gold dust to anyone fixated on Rita Ora, who will spend hours, days and weeks researching the person they are obsessed with. They crave proximity, so they know where:
To the criminals who target such people, they can conduct most of their research without leaving home and enter the premises fully aware that she possesses unique pieces of artwork made exclusively for her.
Kidnap Potential
The plans of the home are also certainly available online, and having watched the video and identified the rooms she shows off. It’s possible to locate where the panic room is and how to prevent her from getting there. That sought of detail is ideal for a kidnap team.
Whenever engaging with a new client, it is critical to establish what role you will play. If you are excluded from the type of decisions mentioned, then your ability to perform is undermined, and your reputation will be trashed in the event of a security failure.
The security professional can add significant value by providing a detailed risk assessment, identifying potential issues and how to defuse them. That may require some proactivity in determining what private information is publicly available and whether that can be rectified.
Final Remarks
Imagine the difference this article might look with the advice of a security professional’s involvement. Let’s suppose that they were determined to pursue the PR opportunity.
The security professional might advise that before doing so:
any building and other plans of the home be removed from the internet,
that no references be made to the Blue Plaque or to those who previously lived at that address, and
that no external pictures were published.
Suddenly, you have an article about her new home, without any details of where it is or how you might find it. There would be no plans online providing details of the location, the security cameras, or a panic room. Those mitigations then make it far more difficult for anyone to target that home, enabling the occupant to feel much safer.
Such articles and feature magazines like Hello and similar publications give far too much information away.
The fact is that when a security team is brought in, it is because there is a real or perceived risk. When embraced as an integral part of the team, the security professional’s involvement can be the difference between life and death.
News broke out of a Guadalajara restaurant shooting, leaving three people dead and four wounded in the Mexican metropolis. Government official Salvador Llamas Urbina was killed by a person eating alongside him at the said diner. Llamas Urbina was a political party national adviser and head of the Municipal Cabinet of Puerto Vallarta. Moreover, it seems that additional attackers assisted the primary assailant in implementing the attack.
A few of the people who found themselves near the Guadalajara restaurant shooting fell victim. Among them were also Fernando Muñoz, former Security Commissioner of Puerto Vallarta — and one of the assailants. As the authorities are trying to establish what has actually happened, it seems that the attack was planned, and the victims were targeted.
Some media assert that law enforcement has found iron devices in the nearby street. In fact, experts claim that aggressors used these to puncture tiers of police cars in order to make them slower in responding.
To get a better insight, we asked Ivan Ivanovich from Mexico to weigh in on this incident!
Ivan Ivanovich, Worldwide Security Options
Three abandoned vehicles were found outside the Sonora Grill, where the attack occurred. Inside, weapons, punctured tires, and other evidence were found.
It has not been easy to reconstruct the facts due to the confusion of the information. However, we may conclude that the executive had at least five escorts. These include Captain Francisco Muñoz (who tried to repel the attack), who was outside the restaurant, while Llamas ate with his killer.
As in other cases, the tragic scheme is perpetuated in which all protection is reduced to armed escorts. This is an approach that seldom produces results.
Once again, unfortunately, we realized that an armed and numerous operation is not necessarily effective, but rather the opposite. Resources were not lacking, but the knowledge to protect the official’s life was.
Knowing the protective logistics, making the protectors operate in a different scheme, and prioritizing counter-surveillance, early warning, and non-conventional protection are factors that would have made a difference. Only a radical change in the way of operating can make this profession safer for both the protected and the protectors.
Protection teams and entire armies from diverse cultures have historically adhered to moral standards for conduct that would benefit them for the duration of their lives and determine their success. Taking a retrospective, humanity’s understanding of the goals and consequences of its actions has led to the development of the so-called ethics that multi-billion dollar corporations today have standardized. This article explores just that and how executive protection teams fit in.
But before that: The objective of the first ethical Greek philosophers, who appeared in the fifth century BC, was to awaken human civilization to the significance of analysis of its values and actions. The trusting historical attributes of the aristocracy and the skeptical pragmatism of the business class prompted philosophers such as Socrates, Aristotle, and Plato, to examine the above. They required justifications for moral standards because they were dissatisfied with the self-fulfilling claims of tradition.
Ancient philosophers were responsible for the development of modern ethics. They believed that through rational thought, humanity could formulate a set of moral guidelines that would balance the goals of each individual with those of society as a whole. Thus, they would be broadly applicable to all social groups — and for this article’s sake — mostly applicable to today’s executive protection teams.
The Board’s Mission and Ethics
The concerns of ethical experts switched from theoretical to practical ethics in the centuries that followed, i.e., to the latest ideas about the purposes of human existence and new values of behavior. Moreover, social change influenced every new era, including shifts like the
Extinction of ancient traditions,
Rise of new institutions and social groups, and
Transformation of dominant groups.
As a result, new social and ethical norms and new guiding concepts for personal behavior come with each subsequent generation. From a historical perspective, it is, therefore, impossible to see the emergence of ethical systems as a simple shift. Conversely, variations in social, political, religious, and economic structures across centuries have affected viewpoints on ethics and morality, as well as behavior expectations.
The complex organizations of the twenty-first century developed more stringent, multi-stakeholder, and transcontinental guiding programs to promote and support the Board’s mission.
The Right Thing to Do
The Association of Certified Fraud Examiners recommends strengthening organizations’ corporate governance programs by having employees sign their internal Code of Business Conduct and Ethics (COBCE) policies. That is a reasonable risk prevention practice that many enterprises use yearly. This ensures that everyone knows their fundamental responsibilities and complies with the highest standards of professionalism throughout the business mission, vision, and ethics.
Ethical concerns, as a set of morals and guiding principles for ‘right-to-do’ actions, are integral to day-to-day routines, particularly for EP and security professionals.
To guarantee that executive protection teams are not simply signing the last page of the policy as an acknowledgment and submitting it back to the Chief Compliance Officer or Chief Security Officer (CSO) as an internal reference, Loss Prevention and Code of Conduct and Ethics training is now mandatory as part of companies’ governance programs. Trainees complete those trainings only with exams to demonstrate successful execution to accomplish the program’s overarching goal.
The ACFE emphasizes that ‘Tone at the Top’ is a crucial element of the success of corporate governance programs. Having the right sponsors leading the way, such as the company’s Chairman and CEO, through a statement of purpose at the beginning of each training, influences the right culture as much as the COBCE itself. Centre for the Protection of National Infrastructure recommends the same approach through its 5Es model for embedding a security culture by endorsing credible sources such as CEOs and CSOs.
The Culture of Accountability
Professional EP programs serve a ‘Duty-of-Care’ context that includes strategic security risk management (SRM) aims in alignment with the business environment.
Despite being linked, SRM and security governance have different concepts. Designing and implementing a combination of control mechanisms and tools will allow your principal to rest assured that security risk mechanisms are well-thought-out, implemented, and running, which is essential for executive protection and security management.
Security governance establishes the foundation for an accountability culture that shapes and reinforces ethical and sustainable SRM behaviors from top to bottom within our executive protection teams. In conjunction with the overall security governing structure, security management systems establish relevant policies, protocols, and regulations under this holistic EP services program.
Different EP managers globally and in charge of their program activities, along with all EP agents, are held accountable for implementing and preserving such protective strategies. Following the basic SRM infrastructure comes down to the very personal, independent skills widely known as ‘soft skills’ or ‘people skills’ to contribute to the desired resilient EP environment. A team’s attitude, ethics, and character define its resilience level.
On Resilience of Executive Protection Teams
Resilience in the contemporary environment is more about preserving a valued capability as a human and less about structured, documented tools. The idea of resilience is more linked to safeguarding your principal and organization in extent, vision, and mission rather than formal loss prevention strategies.
Resilience is the capacity of executive protection teams, a single agent, or the organization, to mitigate the negative impacts of disruptive events. But also to capitalize on the situation as a catalyst for improvement. The EP team’s ability to profit from the incident together, rebound and go above and beyond the pre-event protection level matters the most in this context. For example, the incident may have
Resulted in casualties, or
Ruined or severely affected equipment — or even behaviors.
Notable terrorist acts or significant global environmental disasters are illustrations of these events. But, most significantly, disruptive events may be of any extent or complexity and would demand resilience. To recover stability and growth, the team must adopt or employ a resilient mindset for each event.
Therefore, fostering resilience is more about establishing a versatile, adaptive, and changeable manner of thinking, behaving and managing. This is the ‘How’ of influencing the transformation in both the external and internal settings rather than rigid systems, stiff practices, and tangible methodologies. This is where ethical considerations come into play within executive protection teams and ultimately determine the success level.
“…it is not the strongest of the species that survives, nor the most intelligent that survives. It is the one that is the most adaptable to change,” Charles Darwin.
I got a call yesterday from a friend who is a well-traveled contract EP professional in Southern Florida. He panicked because he had accepted a contract position on a travel team supporting a company CEO attending the World Cup in Doha, Qatar. Yet, he didn’t know much about traveling there.
I understand his panic, as I found out recently from my client we were attending as well with our client and began to delve into what I would need to go to the World Cup in Doha. So here is what I learned from traveling to Doha to conduct our initial advance.
If you don’t have a ticket or an order number, you’re not getting a hotel room or going into the country. The Qatari government locked out all hotel rooms and put the following stipulations on getting one. First, you must have a verifiable ticket or ticket order number to reserve a space.
You’ll need that ticket number to get your Hayya card and the Hayya card to get your visa.
COVID Requirements
Qatar isn’t quarantining anyone not vaccinated. However, both vaccinated and unvaccinated guests need to have proof of a negative COVID test within 48 hours of their flight to Doha. Once you get into Qatar, you’ll need to download the Ehteraz COVID tracking app to your phone.
Based on the information you gave the Qatari immigration while entering or if you did the online preauthorization (highly recommend), it should turn to a green QR code showing you’re clear. You will be asked for this QR code everywhere you go to get into malls, restaurants, hotels, and events. In addition, the US State Department has a World Cup link on the OSAC online portal with many good links and information.
Transportation: World Cup in Doha
We were fortunate to locate several vetted local security drivers at a reasonable cost. At this point in the timeline, there are no rental vehicles to be had. In fact, companies that have the capacity to still provide services are costing ten times the normal rates.
The other issues are the Qatari government will be instituting traffic control measures, special lane restrictions, and odd/even license plate days to throttle traffic levels. So, you’ll either need to take public transportation or have one vehicle with an odd number plate and the other with an even number plate. Public transport will be free but overwhelmed.
Venues
The football stadiums we traveled to examine the locations are mostly local team stadiums or built for the event. Traffic lanes and access routes were not improved to handle the number of fans descending on the venues. There will be VIP/VVIP traffic lanes and drop-off points at each stadium we saw.
Medical
Medical infrastructure will be very stressed in a mass casualty event and has been enhanced to accommodate the surge in tourism. You will receive medical treatment at no cost if you have a Hayya card. They have several major hospitals and clinics designated for medical treatment; we found only one level 1 trauma center.
Security
The Qatari government is bringing in troops from Pakistan and Turkey to help secure the events. They are also mobilizing their military reserve forces to add workforce to man security and logistical areas. They will all wear a common police uniform. Unfortunately, all these people will not be able to be adequately trained to deal with the thousands of drunken and unruly football fans that the Qataris have never dealt with. It’s currently illegal to be publicly intoxicated there.
Alcohol
FIFA will set up Fan Zones where alcohol will be sold in some sort of controlled quantities, and so will the stadiums. However, hotels will have no such controls over how much alcohol fans drink before they go to the games. Fan zones are adjacent to several major soccer venues and are designed to accommodate up to 40,000 people. What could go wrong?
General Impressions
The country of Qatar is hustling to finish a lot of infrastructure projects and accommodations that were still unfinished when we visited at the end of September. The country is trying to be ready. But I doubt it will even be close to accommodating 1.2 million tourists descending on the city. So bring your patience and plan for anything that can go wrong.
When EP Wired reached out to me with the opportunity to write about physical access control, I was initially stuck. Like many in the access control industry, I had not thought about the executive protection industry very much as it related to being a stakeholder in physical access control.
So, I first needed to tackle the topic of “What are you going to write about?” After a handful of emails, calls, and text messages with colleagues about this topic, it dawned on me that this is a story about where we are going, not where we have been.
Thus, I set out not to write about how the access control industry and its products are, frankly, not built for EPAs. Still, with what I know about the future access control systems, we should talk about how the EP industry should expect more from the access control industry beyond “lockdown” and why now is the time.
The EPAs in my network tell me that systems today add zero to a minimal amount of value to what they do daily. In fact, in some ways, yesterday’s physical access control systems are making their jobs harder, and the EPAs are forced to manipulate or “trick” — as one EPA told me — for the systems to work as needed.
So if there were one area to focus on that is not too far outside the mainstream market needs of access control systems that would speak to the value created for EPAs, it would be: software.
Historically, access control systems software has been a hardware feature, like readers, locks, and panels. Access control systems use the software for functionality such as:
motorization,
configuration, and
log files.
Letting the Right People In
In recent years, through the introduction of cloud architectures, you are starting to see more software-centric systems that use hardware as a feature of said software and deliver a very different set of opportunities.
Since the beginning of electronic access control in 1973, the hardware-centric value proposition has been about keeping bad people out. The system’s primary goal was to do just that — keep bad people out.
Nowadays, with a more software-centric approach, especially coming out of the pandemic, the value expectations of access control systems include letting the right people into the buildings. Again, very different.
Most historical access control systems are not set up for nor developed to allow the right people into the buildings. This change in how some systems are built is not a binary conversation.
We can live in a nuanced world where we have systems built for one reason and others built for other reasons. And we are at the beginning of that world existing now. This change represents a new way to think about how our physical access control systems are developed and implemented. They need to be more flexible, open, and “human.”
The New Truth and Physical Access Control
The fundamentals that will make software-centric access control systems flexible, more open, and more “human” for EPAs will be:
APIs and SDKs: available, documented, and open.
Data strategies: how, where, when, and why is the data collected, managed, stored, and expressed.
User interfaces: if not included, extracted, and capable of taking the data and information and creating a user interface that is either embedded or speaks to the particular stakeholder.
The systems built for today and tomorrow versus today and yesterday are built with these and other modern architectures. You should expect to see this. In fact, many of us believe that shortly, you will not have to worry whether or not the physical access control system you are interacting with has this.
Like power windows in a car, it just comes standard. Sure, there are new models of cars without power windows and existing cars on the road that don’t have power windows. But it is not the standard anymore. We, as an industry, are not there yet. Still, all signs point to the fact that we are not very far away from this being the new truth.
One-Way Accessible Street
With this new level of expectation and system configuration, here are two areas where EPAs should expect software-centric access control systems of the future to add immense value for them as a stakeholder:
Easily accessible and actionable data, allowing EPAs to make data-driven decisions coupled with their training and instincts. Instead of viewing the building as a static blackhole, you need to game plan around it. You would have access to data you can use. Think of this as a one-way accessible street and additional real-time data point(s) for your assessments and planning.
And with that accessible and actionable data, the EPA suddenly has a new tool for the EPA tool belt if a user interface is introduced. Physical access control systems become dynamic, responsive, and more “alive.” In turn, so do the buildings they are installed within. Think about it. What would it look like if an EPA could query a building in real-time, get data back, respond, and have the system change based on the interaction? Or, the other way, what would it look like if a building could query an EPA in real-time, get data back, respond, and have the EPA change based on the interaction? Kind of like Knight Rider, but for buildings.
A Ton of Value
Once we have more software-centric systems built with flexibility and openness and the resources built with APIs, SDKs, and in some cases, interfaces, the value creation opportunities are endless. And remember, the value doesn’t stop just for the EPAs.
I believe this is a two-way value creation opportunity where the EPA’s interaction with the building can bring a ton of value back to it, especially if external. Buildings having a voice allows the imagination of possibilities to go wild!
The resulting mutual benefits make the EPA and the building more resourceful, intelligent, detailed, and able to respond more effectively to situations. All in all, delivering more safety, wellness, and productivity to those we serve.
How else could a software-centric access control system deliver value for the EP community? I’d love to hear your thoughts, especially from EPAs. It is time to have a more prominent voice in the access control industry.
