Embracing the Devil: An Analysis of the Formal Adoption of Red Teaming in the Security Planning for Major Events

Thomas Landry

EXECUTIVE SUMMARY

The Department of Homeland Security (DHS) takes the lead or significant supporting security role in many of the nation’s largest and most celebrated events across the country. These political, sporting, and cultural events present the nation’s adversaries with inviting targets due to the size, scope, and historical significance of the occasions. Often these events are attended by senior governmental leaders from the United States, as well as foreign countries. Group decision-making errors, assumptions in the planning process, and the failure to anticipate an ever-changing enemy or conditions can leave major events vulnerable to attack or serious disruption. Security planners must consider not only purposeful physical attacks, but also the whole spectrum of environmental, fire and life safety, and civil disobedience when designing countermeasures to risk.

This thesis analyzes the planning process used to design and implement security procedures for major events throughout the country. Specifically, it examines security planning for events designated as a national special security event or those that receive a special event activity rating Level 1 from the DHS. This thesis focuses on the potential vulnerabilities and gaps in the planning process due to groupthink and other organizational decision-making pitfalls. The subcommittee process employed in these major events has proven effective in marshaling tremendous amounts of resources and ensuring that areas of responsibility are well-defined; however, it leaves open the potential for individual and organizational biases to impact planning. This project has explored the varieties of red team techniques available to major event security planners and asked the question: How would the Department of Homeland Security (DHS) benefit from formally adopting a red team component to major event security planning? This thesis then reviews which, if any, potential improvements can be made to the process with the formal adoption of a red team component. This paper derives data and evidence exclusively from publically available academic literature and after-action reports. It features a case study of the 2009 presidential inauguration, drawn from comparable publically released material. This project uses a blend of policy analysis and the case study method during the course of this project. The case study method relies heavily on the results of a small group of events that may be vulnerable to sampling bias and lead to results that may not be easily generalizable.

The concepts and techniques of red teaming are being taught and increasingly used and accepted throughout the United States within the Department of Defense and the intelligence and law enforcement communities. The potential benefits and drawbacks of simulations, vulnerability probes, and analytical techniques have been explored in this project. While not all red team techniques are ideally suited for use in major event security design, the expanded use of analytical analysis has the potential to challenge organizational thought and assumptions. These techniques, however, need to be completed within the subcommittee framework used in the design and execution of security for major events.

Based on the findings on red team performance and execution pitfalls, this thesis has made two proposals to insert formally an analytical red team capability into the framework used in major event security planning. The proposals have the potential to place properly trained individuals into the framework at the appropriate time to make improvements into the planning process. These proposals, however, must navigate the minefield of potential execution errors outlined in this thesis. While the DHS may theoretically benefit from the formal adoption of analytical red team techniques, the execution limitations discussed in this thesis reduce the likelihood for ideal results. The DHS needs to consider these limitations before formally adopting a red team component into the framework for major event security planning.

 

 

No Comments

Post a Comment