Multilingualism – a Vital Advantage in Global Security

Paper with multiple languages

“Knowledge of languages is the doorway to wisdom.”

-Roger Bacon

A recent survey of Chameleon staff revealed that 65% speak at least one language other than English, with some fluent in as many as four. As of the time of this post, the Chameleon Team can handle: Dutch, English, French, German, Czech, Hebrew, Italian, Maltese, Norwegian, Papiamento, Danish, Polish, Russian, Arabic, Spanish, and Swedish.

Our linguistic versatility is important to us. Communication is at the heart of good business and especially consulting. Being able to connect with clients in their preferred language helps us get to know them better, and by understanding their needs at a deeper level, offer them truly meaningful consultation. We strive to meet those we serve where they are and, to that end, recognize the many ways in which one culture might differ from another. This ethos is key to our unique value proposition.

It's important to clarify that really mastering a language doesn’t just mean advanced vocabulary or conversation skills. Comprehension lies in understanding the cultural principles that drive conversational nuances, grammar, and more. Understanding cultural differences helps us to avoid potential misunderstandings, establish trust, and build stronger relationships.

Consultants in our industry love to talk about “thinking outside the box.” And while we certainly believe in being innovative and creative, there’s incredible importance to being able to think inside a client’s box, too. Putting ourselves in our clients’ shoes allows us to see the world through their cultural framework – to be able to see threats and solutions through their eyes. This empathetic approach to consulting has proven very advantageous.

A broad command of multiple languages is useful to Chameleon not only in the office but in the field as well, whether conducting Threat Risk and Vulnerability Assessments or doing training.

As a recent example, we were asked to draft an intelligence report for a corporate client planning a large event in Athens. Being able to conduct preliminary OSINT searches, render analyses, speak with Greek security managers at various posts, and communicate our findings in Greek made a world of difference. This would not have been possible if we had provided our services solely in English.

The sort of benefits we were able to provide with our understanding of non-English languages like Greek isn’t limited to Europe. When it comes to processing intelligence and operational information from, say, the Middle East, accuracy, scope, and slant differ greatly depending on the source of information gathered. Meaning can easily be lost without a deep understanding of nuanced differences between Arabic, Farsi, or Hebrew. Language – and by extension, cultural literacy – is critical for sourcing, making sense of, and relaying information correctly.

Being able to conduct intelligence collection and analysis in multiple languages, whether in response to an OSINT query, or as part of local media monitoring, or for reading between the lines of foreign-language documents, is simply fundamental to what we do.

Much of our business comes from providing threat, risk, and vulnerability assessments and making change recommendations to protocols, policies, and procedures to clients across the globe.   Think about how culture informs a company’s values, work ethic, the pace at which work is done, and how both management and employees perceive security. These are important considerations because they directly affect the ability to put recommendations into action successfully.

Observing and honoring what makes people different is key to helping our clients achieve their security goals and to building good-faith relationships. We’re problem-solvers at heart, and our diversity in communication and cultural understanding helps us generate solutions that endure.

Further Reading:

Ask us about our OSINT and HUMINT services:

  • Open-Source Intelligence reports that may cover geopolitics, data leakage, threat trends, travel security assessment or investigations into individuals or organizations.
  • Online & Social Media monitoring with surveillance of client’s digital footprint across public online platforms and major SM networks, to identify threats or concerning on-line activities.

And to register for our upcoming Security Executive Forum in London, click here.

When We Can’t See the Threat: Understanding the New Face of School Violence

Girl stares with a concerned look outside a classroom window.

by Peter Crabbe, Director of School Operations for Chameleon Associates

The quiet hum of a school hallway has always been punctuated by the energy of youth: lockers slamming shut, whispered gossip, the frantic shuffle to class before the bell. But in recent years, those same halls are becoming places of collective anxiety. Fear no longer lives only in what might happen outside the school — it now lurks within.

Two recent school shootings, one in Madison, Wisconsin, and another in Nashville, Tennessee, have drawn attention not just for their tragic loss of life but for the deeper, more complex questions they raise. Both were carried out by young people who, according to researchers, were steeped in a disturbing digital subculture that glorifies violence, and not for a cause, but for its own sake.

We’re watching the face of radicalization change before our eyes. It's younger, more diverse, and less ideologically defined. This is violence without a banner, extremism without doctrine. It is terror rooted in nihilism and accelerationism (defined here as the belief nothing has value, society is headed for destruction and the only answer is to become famous by helping it destroy itself).

These two thought forces have combined to form a toxic recipe for a new, difficult to detect, form of violent grooming and planning.

In school communities, the pressure to "do something" mounts. But what, exactly, can be done when the threats don’t come with manifestos easily labeled “far-right” or “religiously motivated”? What happens when even experts can't categorize the cause?

What happens is paralysis.

The Growing Fear and the Growing Silence

Fear in schools is no longer a background hum; it's a siren wail. Every counselor, principal, and teacher now live with the dread that one of their students may not be a victim, but the next perpetrator. School communities feel this pressure acutely: the consequences of failure are unbearable, yet the path to prevention is foggy at best.

Law enforcement struggles to keep up with a rapidly shifting threat. Parents are bewildered by what their kids are exposed to online. And school staff, already stretched thin, are expected to become psychologists, social media analysts, and counter-extremism experts - overnight.

Faced with this complexity, the most common reaction is despair.

We suggest that the answer lies in clarity - it’s not about doing everything but rather in knowing what can and cannot be done.

What Schools Cannot Do

Let’s start with what’s beyond the reach of schools:

        They cannot change laws overnight.

They cannot police the internet or dismantle dark web subcultures.

They cannot override cultural forces that glorify violence or normalize trauma.

Expecting schools to solve society’s deepest digital and psychological ills is unrealistic. But rather than an excuse to do nothing, it's an invitation to focus on what is possible.

What Schools Can Do: A Call for Operational Awareness

Rather than chasing the impossible, schools can begin by doing something far more pragmatic and potentially powerful: create a two-column list.

Column One: What We Can’t Do. Be honest. List the things that are outside your institution’s control.

Column Two: What We Can Do. Focus here. This is where change begins.

Let’s explore that second column:

  1. Increase Awareness, Not Panic.Educators and parents need to be brought into the loop on the real dynamics of online radicalization. Awareness means understanding that glorification of mass killers, communities like the True Crime Community (TCC), and even dark fandoms can become pipelines to violence, not through ideology but through obsession, despair, and peer pressure.
  2. Understand the Method of Operation.Most schools never ask how radicalization happens, only why. But the “how” is often more actionable. The process usually involves digital desensitization (via gore forums), emotional grooming (through exploitative groups like 764), and identity-building (in nihilistic or violent online communities). These are operational steps, and schools can learn to recognize the signs.
  3. Demystify the Threat.The more these online cultures remain a mystery, the more power they hold. Schools can work with experts to unpack the language, symbols, and memes used in these communities. Training teachers and staff to decode this digital dialect can make early intervention possible.
  4. Develop Countermeasures to the “How.”Once you understand the process, you can disrupt it. Schools can implement peer-led programs that channel students toward healthier online spaces. They can create anonymous reporting structures for students to flag concerning content. They can even introduce digital literacy courses that teach students how to critically evaluate the communities they’re joining.

A Path Forward, Rooted in Realism and Value

The temptation is always to look for big answers to big problems. But the tragedy of school violence isn't about finding one big fix — it's about making dozens of smaller, wiser moves that add up to meaningful prevention.

No, a school can’t stop a neo-fascist meme from spreading across Reddit. But it can start a conversation in the classroom that makes that meme feel less powerful. It can train counselors to ask the right questions. It can listen to students when they talk about what’s happening online, not just what’s happening at lunch.

As the root of this new form of terror is nihilism - the belief that nothing has value - then one solution is to increase awareness of value. We don’t attack what we value, own or love. In that way, we need to bring light into the darkness.

When Awareness Saves Lives: Real Stories of Prevention

Despite the grim headlines, there is hope — and it often starts with students who are paying attention and adults who are willing to listen. Here are just a few examples of school shootings that were stopped before they could begin, thanks to awareness and care within the community:

Arlington, Texas (2024) 

A high school student overheard a peer talking about bringing a gun to school and reported it immediately. A search of the student's belongings revealed a loaded weapon and a hit list. Local police credited the tip with preventing a mass tragedy.

Tippecanoe County, Indiana (2023)

Two teenagers were arrested after fellow students discovered their detailed plan for a school shooting including maps and weapon sourcing. A classmate they confided in became alarmed and told a teacher. The school and law enforcement worked together to intervene in time.

Salinas, California (2022)

A student told school counselors about a peer’s disturbing social media posts referencing violence and admiration for mass shooters. The ensuing investigation found evidence of a credible plan to attack the school. Intervention included mental health support and law enforcement involvement.

South Lyon, Michigan (2021)

Students reported threatening messages posted online by a classmate. The school resource officer and district quickly investigated and discovered weapons at the student’s home, averting what police described as a "significant" threat.

Each of these stories began the same way: a student noticed something, felt a sense of responsibility, and trusted that their school would act. That trust, that awareness, is not accidental — it is built over time by schools that commit to understanding the problem and creating a culture where safety isn’t just a policy, but a shared value.

Again, students protect what they value and love.

Final Thought: Fear Should Not Paralyze Us

While the fear school communities feel is understandable and justifiable, we must not let that fear become a reason to do nothing. Schools, despite their limitations, remain one of the few remaining social structures where early warning signs can be identified and where culture can be reshaped.

We don’t need schools to be superheroes, but we do need them to be strategic. By defining what can and cannot be done, schools can begin to act with clarity — not just out of fear, but out of understanding.

School Security - Chameleon Associates

Tangled Webs: Knitting for espionage During Times of Conflict

Photo of a needle and yarn

When people think about espionage, the James Bond archetype usually comes to mind – mysterious aliases, cool cars, cold indifference, and nifty gadgets. What they don’t think about are the more mundane ways in which real spies have conducted operations throughout history.

Knitting for a Cause

During both World Wars, knitting was a popular form of espionage among female spies, allowing them to transmit messages under the guise of a seemingly benign activity. This was at a time when society largely perceived women as meek and subordinate to their male counterparts.

Intelligence organizations were quick to exploit the public’s underestimation of women, however. Throughout World War I, European powers employed elderly Belgian matriarchs to transmit valuable information about the adversary. These women would intentionally alter their knitting patterns—such as dropping a stitch or creating a bump—to encode messages about enemy troop movements. The women would then pass these coded garments to resistance fighters, who could decipher the information and use it to their advantage.

The simplicity and universality of knitting made it an effective medium for encoding messages in binary, where a dropped stitch might mean a zero and a textured bump might correlate to a one. Spies of the past were known for incorporating these simple patterns into garments and textiles to convey details about positions, combat plans, and other operational intelligence.

Famous Knitting Spies

No story would be complete without its characters. During each World War, a handful of women stood out for the unique tactics they utilized while knitting as spies. History has recognized these individuals as truly exemplary in their efforts and courage.

Phyllis Latour Doyle

Phyllis Latour Doyle was a British secret agent during World War II. She spent her time in service knitting as a cover, passing code in secret. But her journey was more than a walk in the park. She parachuted into occupied Normandy in 1944. Once there, she would ride about on a bike, flirting with German soldiers and covertly collecting intelligence. Then, she would take to her needlework, etching what she learned into fabric for recipients in morse code.

Elizabeth Bentley

American Elizabeth Bentley built up quite a post-war reputation as a knitting spy. Her actions, however, were not on what many would call the “right side” of history. She operated two, separate espionage rings that would regularly relay damaging information about the United States back to officials in Moscow. She even went so far as to smuggle sensitive documents in her knitting bag to and from drop points connected to the Kremlin.

Madame Levengle

A third maven of the craft went by the name of Madame Levengle. Her ruse involved a more complicated method of espionage. Levengle would sit at her window watching troop movements while knitting, her children would listen for their mom’s foot taps, as they pretended to engage in schoolwork. These taps would indicate troop movements, which the children would then translate to writing, and subsequently pass off to the Allies. 

Historical Recruiting Efforts

Many nongovernmental organizations promoted knitting as a patriotic pastime during both wars. The American Red Cross promoted an intense marketing campaign, calling upon women to take up knitting as a way of creating clothes for soldiers on the front lines. In reality, these calls to action were nothing more than clever ways to recruit mothers, sisters and wives as spies against the Germans. 

Concealed Communication Today

The practice of using knitted goods to convey codes and signals is an example of steganography, the word used to describe hiding messages within innocuous-looking items. Steganography is still used today when traditional communication channels are compromised or under surveillance. 

In more modern applications, steganography is used regularly on the digital frontier. Cyber hackers today use “covered” communication to transmit malicious code, tunneling protocols or display instructions, sight unseen. A simple example might look like one terrorist sending attack coordinates to another using an image instead of text to avoid detection.

Conclusion

Like knitting, any humdrum task can be used to disguise espionage in plain sight. While modes of communication have grown increasingly sophisticated, sometimes the simplest ones remain the most effective, especially among spies.

To read more about knitting agents of the 20th century, click here: https://getpocket.com/explore/item/the-wartime-spies-who-used-knitting-as-an-espionage-tool?utm_source=firefox-newtab-en-us

To learn about codes and signaling still in play today, check out this article from the Central Intelligence Agency: https://www.cia.gov/stories/story/smoke-and-mirrors-the-magic-of-spycraft/

New Surveillance Tech Gives Security Pros a 360-Degree View of the Threat

Panoramic Camera

As threats to physical security become more complex, staying ahead of them requires cutting-edge technologies that offer greater situational awareness. One technology seeking to outpace the adversary is the 360-degree camera system. These omni-directional surveillance tools provide expansive coverage and valuable insights for security analysts and decision-makers.

Understanding 360-Degree Cameras

Traditional security cameras often have limited fields of view, necessitating multiple units to cover a broad area. Even in facilities with dozens of cameras, there are too often too many blind sports. Conversely, 360-degree cameras use multiple fisheye lenses in a single unit to capture a full panoramic view from a single vantage point. This design ensures that no area within the camera's range is left unmonitored, effectively eliminating blind spots and enhancing overall security coverage.

Key Benefits of 360-Degree Cameras

Full range – or 360-degree – camera systems have a lot going for them. Beyond the obvious, their value to physical security professionals is substantial, providing a reduction in equipment, lowering operating costs, increasing the quality of situational awareness, and streamlining the surveillance process for those in charge of monitoring feeds.

Minimal Equipment and a Lower Cost

With their wide field of view, 360-degree cameras are an effective replacement for traditional surveillance arrays. Consolidating multiple, linear cameras into a single, omni-directional one reduces upfront and maintenance costs.

Enhanced Situational Awareness

With 360-degree cameras, security personnel get a more holistic perspective of monitored areas, allowing them to more quickly and efficiently identify suspicious or threatening activities. They also gain the ability to zoom in on specific areas for greater fidelity, improving the quality of their investigations and decreasing response times. 360-degree cameras also offer a better operating picture in areas with odd shapes, obstructions, or layouts.

Simplified System Management

With a reduced number of cameras in play, monitoring for threats is more for security professionals. Fewer points of view mean fewer monitors, which helps those in charge of surveillance reduce the potential for missing something important, decreases their fatigue, and focuses their attention. In other words, 360-degree cameras can help decrease the chances of cognitive overload for the people using them. 

Real-World Applications of 360-Degree Cameras

Highly guarded facilities aren’t the only types of users for whom 360-degree camera technology has benefits. Nearly all industries can attest to at least a few use cases, including those not typically thought of as high security environments. 

  • Education: Educational institutions have implemented 360-degree cameras to monitor campuses comprehensively, enhancing student safety and aiding in the prevention of incidents.​ They are particularly useful to deter, monitor, or respond to active shooters.
  • Transportation: Airports and transit hubs utilize these cameras to oversee vast terminal areas, improving passenger security and operational efficiency.​ They also aid in documenting infractions and incidents that might require a presentation of camera feeds to courts as evidence.
  • Healthcare: Hospitals employ 360-degree cameras to safeguard patients and staff, ensuring that critical areas are under constant surveillance. Assaults on medical staff continue to rise, especially in the United States, and this technology can help to keep health care practitioners safe.  

Beyond 360 Degrees 

While a panoramic view alone is enough to warrant adopting the latest surveillance tools, some companies are taking it a step further.

Liquid360 is one such company. They offer real-time, 3D visualizations of entire sites, enabling security personnel to assess risks rapidly and respond proactively. Features such as mobile command and control, as well as the ability to see through walls and around corners, provide tactical advantages in both everyday operations and emergency situations. 

What sets companies like Liquid360 apart from the pack is their advanced layering technology that not only provides a full, 3D layout of a facility, but also allows users to see through walls, zoom out for a better operational picture, and integration with fences, jammers, radars, and more. Many prominent organizations have relied on Liquid360 for their high-profile surveillance needs, including the Israeli Special Forces.

Last year, Chameleon Associates had the pleasure of interviewing Liquid360’s Founder and CEO, Alisa Givertz. She shared the personal experience that led her to start the company, reflecting on a time when she had lost her son inside of a Walmart. Givertz was moved by the quickness and smoothness with which the retailer was able to help locate her child, sending her down a pathway toward better understanding what could cause some physical security teams to come up short, while others exceeded expectations. The answer, she determined? Unparalleled situational awareness and coordination.

Liquid360 is a situational awareness tool at its heart – one that arms human security personnel with the benefits of advanced technology. In concert with one another, man and machine are able to achieve a level of coordination neither can possibly reach alone.

Conclusion

Integrating 360-degree camera technology into security operations is a commonsense growth opportunity for organizations serious about preventing, mitigating, or responding to physical security threats. Even so, it’s not the only technology advantage out there. To learn more about what options are available and how to better protect your facilities and people with cutting-edge tools, check out any one of our many security trainings here: https://chameleonassociates.com/services-chameleon-associates/

Chameleon holds School Security Summit in Los Angeles

Child plays with crayons at desk.

Last month, Chameleon Associates hosted a School Security Summit in Los Angeles, bringing together educators, administrators, and security professionals to address the pressing challenges facing school safety.

The Summit covered a variety of topics at the top of educators’ list. In addition to discussion about cyber threats, emergency response and using K9s, the Summit gave an overview of proactive strategies designed to prevent incidents before they occur, using the core components of deterrence, adversarial thinking, threat behavior analysis, and effective response. This approach is at the heart of Chameleon’s security methodologies.

The case for proactive security

A central theme of the Summit was the importance of shifting away from reactive incident response to proactive security. Traditionally, reactive approaches typically commence only after an incident is already under way, giving responders only one option: to lose well.

In contrast, proactive security focuses on identifying and mitigating threats before they materialize, giving schools the chance to “win” by preventing incidents altogether. Effective security isn’t just about responding to attacks. It’s about preventing them from happening in the first place.

How deterrence can help

The summit also encouraged participants to change their understanding of security as a singular function to one with multiple purposes, namely as both as means of providing customer service to the good guys while also serving as a deterrent to potential adversaries.

Also, a customer-centric mindset is instrumental in identifying suspicious behavior. Approaching a person who exhibits concerning signs with genuine engagement can dissuade them from carrying out malicious plans, putting them on the back foot after realizing they’ve been noticed. This strategy not only enhances security but also complements the welcoming environments education systems strive to maintain.

What stepping inside the adversary’s shoes can reveal

Another takeaway from the Summit was how potential attackers often seek the path of least resistance. By implementing visible and effective security measures, schools can discourage threat actors who prefer easier targets.

As an example, the profile of a school shooter is different from that of an impulse killer. The former tends not to snap but rather to boil over. Their lethal actions are the result of mounting frustrations that eventually lead them to violence. As such, early intervention can help deter would-be school shooters before their grievances finally spill over into aggression.

How behavioral indicators can aid in early intervention

One of the Summit’s chief lessons was the value of understanding behavioral indicators. Knowing how to spot the warning signs associated with a threat actor can enable staff and faculty to intervene before anything consequential takes place. Understanding behavioral indicators empowers schools to act decisively and appropriately when they suspect potential threats.

What it means to mount an effective response

In the event of an active shooter scenario, Summit attendees were reminded how creating time and distance are vital to success. Tactics for buying time and distancing oneself from the threat include evacuation, entry point barricades, and staying out of the attacker's line of sight. In addition to creating time and distance know that if you can see the gun, the gun can see you - so don't let the gun see you no matter where you are - even in a locked room.

Each of these response actions can significantly increase the odds of survival and should be incorporated as integral components of any district-wide or campus-specific emergency response plan. Furthermore, these tactics should also be drilled and practiced routinely throughout the academic year.

Care culture and vigilance go hand-in-hand

Compassion for others is the driving force behind security. A community that prioritizes the well-being of its members naturally cultivates a protective environment. When individuals feel responsible for one another's safety, they are more likely to report suspicious activities and support security initiatives. This collective vigilance forms the bedrock of a resilient and secure school community.

Conclusion

Effective school security isn’t only about the latest technology, stringent protocols, or even public policy. It’s about fostering a proactive, engaged, and caring coalition. By emphasizing early detection, prioritizing deterrence, understanding threats from an adversarial point of view, and building a culture of care, schools can create environments where safety and learning mutually thrive.

In addition to hosting learning experiences such as the recent Summit, Chameleon Associates offers a School Security Online Course that provides training on addressing threats in educational environments. This resource serves as an excellent starting point for schools aiming to enhance their security posture and protect their communities.

This insider threat problem has the US Government in a chokehold

Sneaky man sneaks around.

There’s no greater risk to organizational security than that of an insider threat. Those with direct access to sensitive information can bring about irreparable damage to the companies and agencies they represent. Governments are no exception.

The 2025 United States (US) Presidential Election brought with it a tidal wave of policy actions and executive overhauls that has kept the country busy trying to keep track of them all. However, an unintended impact of these rapid transformations has also been an unprecedented risk level attributable to insider threat, both from those working to secure the US Federal Government and on those on their way out from it.

Risk One: The Department of Government Efficiency

One of the biggest changes President Donald Trump instituted on the first day of his presidency was the creation of an independent auditing authority, known as the Department of Government Efficiency (DOGE). In theory, this entity would act with special authorities to review agency programs and expenditures, then make recommendations on whether those expenses and projects should continue.

However, DOGE has thus far operated with limited oversight, obtained no clearances for elevated access to classified information, and allowed employees with questionable track records to carry out their audits. One DOGE staffer tasked with backing up encrypted databases at agencies like USAID was fired from a previous job for leaking company secrets and meddling in their systems for some time after termination. Shortly after this discovery hit news circuits, DOGE leadership accidentally leaked protected, personally identifiable information on the organization’s official webpage.

While the merits of DOGE are subjective, their practices throughout these early months of 2025 have objectively allowed those who would normally be ineligible for security clearances access to some of the most tightly guarded cyber systems on earth. This has put agencies in a sticky situation, asking them to balance deferring to the current Commander-in-Chief and safeguarding national security information.

Risk Two: A Fork in the Road

In addition to DOGE, the Administration offered an exit opportunity to nearly all federal employees, shortly after Donald Trump took office for the second time. The call to action was simple: Voluntarily resign, and enjoy a long, all-expenses-paid divorce from public sector employment.

Despite this, many federal workers averse to what’s happening in politics dug in their heels and risked a layoff. Others readily jumped ship.

In either scenario, disgruntled employees at odds with the Administration and who have (or had) access to state secrets could leak this information to adversarial nations, criminal organizations, or lone wolf saboteurs. State-sponsored threat actors are certainly looking to capitalize on the fallout by tantalizing affected government workers with hefty monetary incentives – a deal made all the sweeter for those from low grades or who were altogether dismissed. This risk was high long before the election and has since skyrocketed for the Departments of Defense and Homeland Security, as well as the Intelligence Community.

Conclusion

Current political happenings are a reminder that even the best intentions can bring about dangerous consequences. Insider threats are serious problem for agencies across the country right now, and the high level of risk that comes with them is unlikely to subside any time soon.

Chameleon Associates helps enterprises like yours consider these variables before rolling out major organizational changes. We coach leaders and staff on how to consider their plans and strategies for gaps and missteps that might let insider threats run amuck and unchecked.

To learn more about how we consult with governments, nonprofits, and businesses on pressing security topics, consider signing up for our in-person seminar.

Red teaming and its real-world value to your organization

Red team roleplayer tries to unlock a door.

There is only one way to know that your security system is working - Red team testing. Our clients may at times find the results of a red team painful to hear, but always useful, an indispensable resource.

What is red teaming?

Red teaming is akin to a cyber penetration test, although for the physical security arena. Role players simulate bad actors in an attempt to thwart security processes and systems against the backdrop of a real-world scenario. As with cyber security testing, the goal is to help clients identify critical vulnerabilities.

When should an organization use a red team?

Organizations can benefit from red teaming almost any security measure they wish to stress test - from access control to badging systems, from human engineering to officer attentiveness.  Even the best designed security can benefit from an objectively executed test of a threat-based scenario.  The following are actual case studies from Chameleon's files, where a red team helped businesses and government agencies identify security weaknesses and ultimately remedy them.

Fencing and perimeter breach

Company A had spent hundreds of thousands of dollars installing a perimeter fence with barbed wire and fence sensors, supported by closed-circuit television cameras. Despite this costly installation, a red team player managed to uncover several entry points. At the first, the player was able to climb a steam pipe, which was in a camera blind spot, and cross the fence without setting off the sensors. At another location, the player found a padlocked gate that was easily opened by moving a pipe that secured the gate to the ground.

Social engineering and tailgating

Company B worked out of a highly secure research facility.  It had recently posted job openings for internship positions.  A red team player used LinkedIn to research Company B employees and their names. The player went to the facility with this information and tailgated an employee entering through the main gate. The player assured the employee he was there to meet "Mr. Smith" about a job (name gleaned from research.) The employee escorted the player throughout the facility, explaining key building features and introducing him to other staff. The player was able to leave with this information, unconfronted.

Artificial intelligence camera system

Company C had recently started relying on an artificial intelligence (AI) system to help monitor a network of several hundred security cameras. Over the course of several red team exercises, the company's security operations center was able to pinpoint important strengths and weaknesses in the system. Several incidents of suspicious behavior were used to “train” the AI to better detect criminal conduct. The red team players also advised, from their point of view, on better location and configuration for the cameras.

Dumpster dive data leak

Company D was using dumpsters outside their office building to dispose of documents containing corporate records and personally identifiable information on their employees. A red team player sorted through the dumpster trash for sensitive materials, which they eventually found. The player obtained three trash bags-full of personnel documents, emails, invoices, research material, and handwritten notes about the company. Dumpster diving is a frequently used method of gathering intelligence about an organization and is legal in many cities. The information gleaned by the red team could have been used with malicious intent in any number of ways, to support a variety of schemes.

Conclusion

Red teaming is a vital practice that can help organizations improve their security posture, close operational gaps, and stamp out vulnerabilities. Chameleon Associates provides expert consulting services for private and public sector clients looking to bolster their defenses.

To learn more about this service, check out our Red Teaming and Penetration Testing webpage.

Brian Thompson: When Executive Protection Planning Goes Wrong

Assassin

Brian Thompson’s shocking murder this week on the streets of New York pulled the curtain back on a hot button issue in U.S. society while also raising questions about executive protection of high-profile individuals.

Thompson was a figurehead of one of the largest health insurance companies in the U.S. with 440,000 employees, net profits of $23 billion last year, covering more than 50 million people.  He had received threats and was, obviously, a target.

That so many comments on social media have been brutal in suggesting that Thompson deserved to be killed (for example, his murder being ‘due to a pre-existing condition’) or comments that focused on the abysmal state of health care costs in the U.S. today, reflect an increasingly cynical state of mind in the U.S.

His murder has touched a nerve, and it calls to mind narratives of executives pitted against the public, such as the one depicted in the 1997 film, The Rainmaker. In that film, the CEO was brought to trial by the family of a young man, who died as a result of having been denied a medical procedure.

According to kff.org, medical debt in the U.S. is $220 billion. One in 12 adults owe medical debt. Over 50% of bankruptcies are due to medical expenses. UnitedHealth Care is cited as having a claim rejection rate of 30%. I myself was once denied health coverage due to an ingrown toenail (not kidding). Some note that the U.S. is the only member country of the Organization for Economic Cooperation and Development that does not have universal healthcare.

Possible Motive

At this point, the assassin is still at large, and we can only speculate at his motive. Was it personal, an act of revenge for a loved one who he felt was mistreated? Was it a case of taking it upon himself to make a statement, for the “greater good”? Did he believe that only through a violent act would he be able to engender change or accountability in the healthcare system? It’s not hard to imagine that the denial of coverage to customers paying a premium – as a business model - would amount to millions of disgruntled folks and among them, some prone to extreme violence.

It is reported that the words "delay," "deny" and possibly "depose" appear on shell casings and bullets that were recovered from the scene of the shooting. Investigators believe that these three D’s refer to insurance company tactics to delay and deny policyholder claims.

Given the comments and response to the assassination, clearly a risk assessment that could have helped prevent this tragedy was either lacking or altogether missing. Companies engaging in controversial practices are exposed to risk. Not just to the executives but to other company assets.  CEOs of companies far smaller and less controversial than UnitedHealth have executive protection details in place.  None of the basics were covered: threat assessment, monitoring threats, doing an advance, counter surveillance, establishing perimeter, ensuring ingress/egress to a location, and more. A security detail that conducts these basic protective measures should certainly have been in place, particularly given that this was a scheduled public meeting.

Vigilante or Murderer

We can agree that as a society we are against an Active Shooter – a murderer - who kills innocent children. Yet in this case, the man who shot Thompson – a murderer – is considered less a villain for having brought down the head of a company whose policies are responsible, in the minds of some people, for countless deaths and suffering.

When the court of public opinion feels that the only recourse for solving problems is violence, we’re in trouble. It’s unlikely that the healthcare industry will change because of Thompson’s death, but other people may be provoked to act - copy cats with either a twisted desire for publicity or a deep grudge.

This attack (regardless of the shooter’s motive) may not change the landscape  of healthcare coverage in the U.S.  But this assassination will definitely impact the next person filling Thompson’s shoes at the company. And it may well have an impact on the level of executive protection for many other CEOs in the crosshairs of consumers with a grudge.

Threat and Executive Protection

From the limited video coverage currently publicly available, it appears that the gunman was proficient if not a professional. He used a silencer and at one point, when it looked like his gun jammed, he was able to swiftly rack it and continue shooting. His quick getaway by foot or e-bike (not yet confirmed) through nearby central park was effective.

Chameleon consults and trains on executive protection and foundationally, we espouse the importance of understanding how a given adversary operates. An attacker needs to follow certain steps. The assassin in this case obviously marked his target, gathered information, obtained equipment (gun and silencer), conducted surveillance, perhaps made some dry runs before executing and getaway.

Clearly, there was no EP team with Thompson. That may have been his decision; we have clients who strongly prefer a light touch when it comes to close protection. But the weaknesses in this case are compound: the company is a political target, there were yet undisclosed threats, Thompson was a figurehead, the UnitedHealth Group Annual Investor Day conference was well publicized as was his attendance at it. Even without preattack surveillance, it was sufficient for the attacker to lie in wait without being challenged.

To learn more about how our company helps others practice and plan for their executive protection needs, click here: https://chameleonassociates.com/services-chameleon-associates/executive-protection/

Securing spaces in modern times

blank

Last week, headlines spun a concerning narrative about a foiled terrorist plot, one that ultimately drove pop culture icon Taylor Swift to cancel her shows in Vienna. Fans of the musician were understandably rattled—if authorities hadn’t thwarted the attack, this very well could have been a mass casualty event.

Such a near miss highlights a need for greater attention in event management. But ensuring that a large-scale event like a Taylor Swift concert is a safe experience for all is no easy task. It requires significant manpower, many hours of advance planning, and a clear read on venue-specific vulnerabilities.

So then, how did teams involved in Taylor Swift’s event security manage to prevent what had all the makings of a catastrophe? The answer lies at the intersection of good counterterrorism principles and a refined awareness of the modern threat landscape.

Commonalities between counterterrorism and event safety

Security teams lean heavily on established counterterrorism practices to keep VIPs and the public safe during highly trafficked events. They evaluate the unique conditions at play and assess their conduciveness for bad actors to carry out attacks. They also reference open-source intelligence to take a pulse on global, political, and economic climates, which collectively paint a clear picture about risk and threat.

In the case of Taylor Swift’s concert, law enforcement, government officials, and the singer’s own security teams acted promptly on good intelligence, which ultimately resulted in the arrest of two would-be terrorists, both reportedly affiliated with the Islamic State organization, ISIS. A third was apprehended a few days later, confirming further details of the event and explaining that the suspects intended to carry out a suicide bombing using chemicals and explosives that law enforcement found in their homes.

A growing need for better security in public spaces

Taylor Swift’s concert is not the first music festival in the last few years to be plagued by radical extremism. There are parallels between hers and Arianna Grande’s 2017 concert, where a suicide bomber murdered 22 concertgoers in an unexpected attack in Manchester, England. (We’ve previously covered the story, here.)

Those familiar with the Manchester bombing will recall that Britain’s intelligence community had credible evidence of a terrorist plot but did not act quickly enough on the information to stop it. Given what seems to be a rapidly increasing threat of terrorism in public spaces—especially Western or democratic ones—the national security community will need to work more efficiently and create closer ties with private and local details to stop future incidents.

After the incident, the United Kingdom’s Security Minister James Brokenshire proposed a “Protect Duty” in 2020 that called on venue operators to consider the risk of attacks and take “proportionate and reasonable measures” to prepare for such scenarios. Today, the edict is more commonly known as Martyn’s Law, and it has made great strides to create safer public gatherings for all.

Other considerations for better venue security

While terrorists are undeniably a massive threat to public events, not every bomber, shooter, or saboteur has ties to extremist ideologies. Social and environmental pressures drive up risk and push social outcasts, those with severe and untreated mental health disorders, and career criminals to the breaking point.

A textbook example of someone who evaded event security and orchestrated a mass casualty incident is Stephen Paddock, or as many know him, the Vegas Shooter. Paddock was not associated with any known terrorist organization but was irrefutably deranged. In the years following his attack, he has even gone on record stating that what inspired him the most was his father’s criminal reputation.

One could also easily point to any number of public shootings that terrorize traditionally safe spaces, like grocery stores, schools, and movie theaters as evidence for why a counterterrorism mindset alone is not enough. Stopping those hellbent on mass-scale murder demands awareness, creativity, collaboration, and an open mind.

What it will take to make events more secure

Whether they be a terrorist, violent perpetrator, or just criminally insane, their potential for harm is all the same. To thwart attacks like the one planned for Taylor Swift’s Vienna show, it takes careful, intentional coordination between national security organizations, intelligence communities, private security, and local law enforcement.

And undoubtedly, it also takes participation from the public. Everyone should think of themselves as a mandated reporter, and if they witness something off, share it with authorities as soon as possible. The proof is undeniable: Civilian reports save lives. Those in doubt can look to the famous Herald Square plot in New York City as a shining example of how one tip can make all the difference.

Diligence and coordination at every level are prerequisites to good event security planning, and the more commonplace that interplay becomes, the safer the world will be.

What makes a good security leader?

security manager

July has been a jam-packed month for security professionals. It started with an attempted assassination on former United States President Donald Trump and ended with U.S. Secret Service Director Kimberly Cheatle’s resignation.

The whole saga has triggered debate on what it means to be at the helm of a security-focused organization. Some demand that leaders need to accept greater accountability in the face of crises. Others insist security managers should do more to prevent threats in the first place. There are multiple facets to effective security management.

Security leadership isn’t all black-and-white.

What makes a good leader is not straight forward, emphasizing any single factor. Adept security professionals embody a combination of qualifications that in our view must include the ability to step into the mind of the adversary and make preemptive decisions that protect against any number of catastrophes.

Seven core traits define the best security leaders.

There isn’t an official or academic way to determine if someone’s character is ideal for roles in security leadership. But even so, there are more than a few indicators that can signal someone’s likelihood for success in the hot seat.

1 - Relevant Expertise

The traditional pipeline for many security leaders begins with a career in law enforcement or the military. From there, individuals climb a public or defense-centric ladder, and later transfer out to private sector work. However, those CVs don’t always translate easily to civilian life. Military and/or law enforcement experience and skill sets can be really valuable yet, security leaders must be able to adapt to the culture and rules of the sector in which they work.

2 - Planning Propensity

Security is an industry measured almost entirely through failures. Attacks happen, and then success is gauged based on the efficacy of a response and extent of resulting damage. Because of the cause-and-effect nature of security, leaders need to ensure their staff are trained, that processes and protocols are thoroughly and regularly exercised, and plans are written with threats in mind. Planning never stops.

3 - Healthy Skepticism

The best security leaders harbor doubt as a general working assumption. In other words, they’re always hoping for the best but expecting the worst – planning for contingencies and never resting on their laurels. They understand that even the best plans fail, and they go to great lengths to bake in operational redundancies, wherever and whenever possible.

4 - Test Obsession

Scrutiny. Good leaders understand that no person, process, or system is ever perfect, necessitating constant refinement to keep edges sharp and staff well-versed in the latest methodologies and approaches. A plan is one thing. A tested plan is so much more. In doing so, security management creates strong barriers against bad actors and position their teams for the best chances at operational success, no matter the circumstances.

5 - Motivational Mindset

Leaders of all types need to be motivational and compelling. But for security executives, this responsibility is acute. It takes complete motivation and buy in to combat passionate, determined adversaries. It is no small thing to be prepared to risk one’s life to save the lives of others. Instilling that level of commitment in a security force is therefore critical. But security leaders also must ensure that officers and personnel are motivated to adhere to the everyday, ‘mundane’ security protocols with equal zeal.

6 - Boots on the Ground

The need for fighting from the trenches in a security context is paramount. The best security leaders are as capable and skilled as the professionals they employ and exhibit a willingness to roll up their sleeves and get tactical when the occasion calls for it. Spending time with the troops also affords management insights they might otherwise not get from the C suite.

7 - Adversarial Understanding

Good security leaders seek to fully understand their adversaries. An intimate knowledge of bad actors should be the basis for a security system and all its components. The threats posed inform everything from placement of a CCTV array to training curriculum for security personnel. Boilerplate security offers the enemy too many potential loopholes versus security that is designed to match the specific characteristics of a given security environment and the threats it faces.

Training to develop security leaders

Even if a security leader checks every box on paper, they require development opportunities just like any other role. Trainings for security professionals are available, but less so for those charged with oversight and management. To ensure organizational leaders can direct their teams in an effective and efficient way, companies should put more effort into executive development courses, like these.