We Get You—and We Got You—in 2021

As we exit 2020, destined to be remembered as one of the most challenging years in our history, and enter 2021, we want to remind you that we are here for you. We get you, we got you, and we know what you’re going through—and you’re not alone. When our clients got focused on safety and security last year, they called us—maybe about the same things you’re struggling with:

  • Got overwhelmed: Some clients have plans with no one to implement them, and others know they need to improve safety and security at their organization but don’t know what to do first, next, or at all. Serving as a Security Advisor, we help define what you have and what you need. From an assessment to an emergency management plan to training for your entire workforce or specialized sessions for your leaders, we can help you get your plan in place.
  • Got ready: Workplace violence can affect every organization in every industry. And that makes a Workplace Violence Program, policy, and training even more critical to the safety of your employees. The program establishes your commitment to a safe and secure workplace, the policy strengthens your pledge to promoting employee well-being, and the training invites your employees to participate in and foster their own safety. Our client came with a vision of employee wellness that went beyond exercise or work life balance, and we helped them build a workplace violence program with safety and security at its foundation.
  • Got together and got involved: Many of our clients do not have a Chief Security Officer or a security department at all, forcing security concerns to Human Resources, Legal, or Facilities. Our client wanted to move away from the siloed approach to security where different aspects were housed in different departments and focus their approach on a centralized system of threat identification, assessment, and management with Customized Training to ensure optimum risk management. While an informed and participative workforce makes every workplace safer, training with internal and external collaboration adds another layer of security that protects your employees.
  • Got ahead and got protected: Not only does an Independent Security Study (ISS) of executive protection programs for high net worth people comply with applicable IRS deductible expenses—and save the executive thousands of dollars—it also protects the entire organization by looking at its overall security program. Our client understood the need to evaluate the specialized security requirements of the CEO and combine it with an assessment of the vulnerabilities impacting the entire organization. With a review of the security measures at the corporate offices, during transportation, and at private residences, you will understand where you are exposing employees to unnecessary risk.
  • Got caught unprepared: Safeguarding employees was our client’s focus, and as you share that priority, especially in an emergency, a holistic Emergency Management Plan (EMP) ensures they will know how to hide, evacuate, communicate before, during, and after an incident, and resume normal business activities as you recover. An EMP that covers all hazards including natural (weather), accidental (fire), and intentional (criminal) incidents prepares your organization for the unexpected—even a pandemic.

We’re Here to Help
Have you got stuck, got caught off guard, got no one to turn to, or got lost? And would you like to get help, get support, and get going? Because in past years, when the going got tough, the tough got the LFG.

So let’s get excited about the “what ifs” of 2021. What if your employees felt safe and secure? What if you focused on your employees’ well-being? What if you found a trusted advisor who gets you—and takes your security to the next level? You’ve got that all in The Lake Forest Group. And we’re just a call or click away. Let’s get started.

Contact Mike at [email protected] or 312.515.8747 to discuss whatever is on your mind in a free 30-minute consultation and together we can create a strategy that supports and prioritizes your employees.


To Save and Protect: Independent Security Study Does Both

How safe and secure do your employees feel? They might be harassed or threatened by co-workers or visitors, or exposed to some other type of workplace violence. Or maybe your CEO has received threats from a customer dissatisfied with your organization’s product or service. From C-suite to entry level employees, you must be committed to security as a 24/7 objective.

What is great security—and how do you know if you have it?
You might know what great music sounds like or great pizza tastes like, but do you know what great security looks like? Great security follows best practices to successfully protect your people from any hazards they might face in the workplace.

And great security is achieved through a security assessment that helps you understand what you have and benchmarks it with best practices and other organizations who are doing it right to determine what you need. A security assessment ensures that physical, technical, procedural, and personnel security measures are working together to protect your people, property, and assets.

What is an independent security study and why do you need it?
Especially if your organization or CEO is high profile, a security assessment must look at security across the enterprise, like transportation, private residences, personal protection, and other activities related to your executive protection (EP) operations and corporate security (CS) program. That’s when the assessment becomes the foundation of an independent security study (ISS). Not only will an ISS protect your employees, but it will also evaluate EP and CS, and how well you identify, assess, and manage threats to individuals and the organization itself. Plus, the ISS allows your organization’s leadership to avoid unnecessary tax liability as it relates to executive protection.

You can’t conduct the study yourself—that’s why it’s independent.
An important part of the IRS compliance is that the study must be done by an outsider—that’s why it’s independent. In other words, you can’t conduct your own assessment. The net result of the ISS conducted by an independent consultant is an evaluation of your personnel, programs, policies, technologies, operations, and current security environment to identify areas of strength along with opportunities for improvement.

Benchmarking, United States Secret Service, and IRS compliance—a dynamic trio.
Your EP might include air travel, airport protection, ground transportation, and a traveling protective detail to ensure the safety of company executives, especially if they travel internationally. The IRS taxes the gross income of those executives for transportation security costs—unless you can show a bona fide business-oriented security concern for the protection provided. An ISS meets the necessary requirements for the IRS to avoid this tax, saving your CEO money.

Does the CEO travel to countries with known terrorist activity? Does a driver transport the CEO from home to work and back? Does the CEO travel by private plane? The ISS dives deeply into your EP operations to document current measures and offers industry best practices to mitigate threats and strengthen overall security.

By working with The Lake Forest Group, you optimize the value of this outside relationship through benchmarking and extensive experience. Because of our varied client list, we can connect you to best practices that transcend industries so you can learn from organizations you would rarely have contact with otherwise. And as I assess your CS program and specifically EP operations, I will rely on my experiences as a Secret Service agent who protected the President and First Lady in the President’s Protective Detail, investigated threats to the President, and identified risk in a variety of locations, circumstances, and appearances.

Leveraging the USSS methodology in your ISS, we evaluate your:
• EP operations, including drivers, vehicles, corporate or private aircraft, airport locations and personnel, risk level where the executive travels, advance and traveling details, and any additional activities designed to safeguard your CEO and select executives
• Physical, technical, procedural, and personnel security at corporate, residential, and transportation-related properties
• Coordination with internal stakeholders including HR, facilities, security, finance, and legal to maximize communication and risk management effectiveness across departments
• Cooperation with external stakeholders to support security initiatives, including local first responders, open source and social media analysts, and response monitoring station personnel

A holistic strategy guarantees your security is greater than the sum of its parts.
As we conduct the ISS, we look at each element of your security environment at corporate properties, private residences of executives, and locations, equipment, and personnel that support air and ground transportation. Because each part of EP is intrinsically interrelated with another and EP in turn is inherently connected to physical, technical, procedural, and personnel security measures at every location and in every function, your ability to protect your executives as well as your employees depends on a holistic security strategy.

The ISS ensures that holistic security strategy as we offer strategic considerations to enhance existing measures. It also complies with IRS requirements to validate employer-provided transportation for business-oriented security concerns and overall security programs and specifically exclude those costs and items from the executive’s gross income.


What to look for when hiring a Chief Security Officer (CSO)

by Patrick Gray of Raines International and G. Michael Verden of The Lake Forest Group

The Lake Forest Group is working with Raines International in recruiting security professionals for top level executive positions to make an immediate impact in organizations across all industries and functions—because in today’s business environment, security has taken on an elevated role in operations to protect an organization’s people, property, and brand.

Accordingly, savvy business leaders want to build an environment that anticipates vulnerabilities, implements countermeasures to mitigate threats, and creates a backdrop of safety and security so employees can thrive.

When you are ready to hire a Chief Security Officer (CSO), you may not know where to start. CSOs can be an integral part of your leadership team because they understand how workplace violence, outside intrusions and other threats can disrupt business operations, impact employee turnover, and inhibit productivity. While they know how to anticipate and prevent the typical risks that may affect your business, a great CSO will have his or her finger on the pulse of the security world and will think three steps ahead to protect against today’s — and tomorrow’s — challenges.

Raines has found that many CSOs come from the military, law enforcement, or government. While those backgrounds support an organization’s security objectives because military and law enforcement backgrounds tend to bring a proactive approach to security, an outstanding CSO will also bring a variety of soft skills. From the obvious to perhaps the unexpected, a CSO may offer the following soft skills:

  • Adaptable and agile
  • Abreast of the latest industry developments
  • Communication skills
  • Business acumen
  • Emotional intelligence
  • Approachability
  • Organizational skills
  • Team building
  • Leadership

The right CSO for your organization should effectively complement your culture. Depending on the size of the organization, the CSO must also have the right support team and governance ability. Whether presenting an annual budget report to the C-suite or conducting orientation security training for new hires, the CSO should have the ability to relate to both, and, more importantly, be capable of engaging with everyone. This connection allows the CSO to communicate important security education and awareness material to the workforce that best prepares them for an incident in the workplace.

The CSO also needs to foster goodwill by demonstrating that any changes in the workplace are for the benefit of the organization’s people and not meant to disrupt daily business activities. A successful CSO realizes that some modifications he or she might make to a business environment in the name of security and emergency preparedness may be met with resistance by employees if they do not properly disseminate and adequately explain these changes and the reasons behind them.

Just as they do for the other leaders on your team, these soft skills can make the difference in your CSO being a simple placeholder and a real change maker who works to create a safe and secure workplace that supports your employees.

We’re Here to Help
You are committed to protecting your employees. We can help you determine next steps to create or enhance your safe and secure workplace, especially as employees return to your businesses or continue to remain at home. Contact Mike Verden at [email protected] or 312.515.8747 to discuss what’s on your mind and visit http://lakeforestgroup.com/.


Protecting the C-Suite from the Tax Man

If Executive Protection is one of your security roles, you need to be up to date on the latest best practices to maximize security and minimize risk—in the most cost-effective and efficient way possible. An Independent Security Study will help select executives in your company avoid unnecessary tax liability and at the same time assess your company’s security environment while providing great value to you in your role as a corporate security professional.

Why Do You Need an Independent Security Study?

Your Executive Protection might include air travel, airport protection, ground transportation, and a travelling protective detail to ensure the safety of company executives, especially if they travel internationally. The IRS will tax the gross income of those executives for transportation security costs—unless you can show a bona fide business-oriented security concern for the protection provided. An Independent Security Study meets the necessary requirements for the IRS to avoid this tax—and saves your CEO money.

You Can’t Conduct the Study Yourself

An important part of the IRS compliance is that the study is done by an outsider, e.g., independent consultant. You can’t conduct your own assessment. The Independent Security Study is based on an objective assessment of all facts and circumstances and the employer applies the specific security recommendations contained in the security study to the employee on a consistent basis.

An Independent Security Study Benefits You and Your Organization

The net result of the Independent Security Study conducted by an independent consultant is an evaluation of your personnel, programs, policies, technologies, operations, and current security environment to identify areas of strength along with opportunities for improvement. In addition, your compliance with the IRS showing the security you provide your executives is part of an overall security program also benefits you and your organization.

What Are the IRS and Tax Connections to the Study?

The Independent Security Study is tailored to fulfill IRS statutory requirements as they relate to validating employer-provided transportation for business-oriented security concerns and overall security programs. The Independent Security Study documents employer-provided transportation for security concerns for corporations seeking to specifically exclude security-related cost and items from the executive’s gross income. 


Building the Perfect (Security) Beast

We turn to a consultant to help us with a challenge we can’t solve ourselves, to supply the knowledge and experience of industry best practices and regulatory compliance, provide a particular type of subject matter expertise, or to guide us through a specific project. While a security consultant is certainly an advisor, assessor, examiner, and evaluator, we can also ask him or her to modify, correct, enhance, and create safety- and security-related documents—specifically, procedural standards such as guidelines, policies, plans, rules, and directives.

Imitation Is the Highest Form of Flattery

If you could create a security department that was an industry leader with best-in-class operations, would you? Of course you would, but how do you know your program is better than the rest? What puts you ahead of your competitors and, equally important, keeps you there? Your success starts with the documents that reflect the mission of the security program while at the same time protect the brand of the organization. Ideally you want to benchmark against companies similar in shape, size, and footprint. If you work for a multinational corporation operating in multiple continents with a global corporate security department, then you want to compare yourself to similar organizations and their full breadth of the security department policies.

All For One and One For All

Employees are more likely to see security as a company priority if management visibly supports security efforts and initiatives. Consequently, a security program is most effective when people see it as an important part of a company’s goals and vision. Among the best ways to demonstrate that support is to include security as one of management’s core values and to promulgate official company policies regarding security. And as the most effective means to this end, multi-disciplinary involvement in the creation and vetting of these documents invites partnerships with legal, HR, IT, and employee assistance to collaboratively design inclusive and relevant procedures. A security department simply cannot do all this by itself.

Let’s Talk About the Nuts and Bolts  

Now that we’ve addressed the importance of building a security program through the “power of paper,” let’s focus on the specific documents needed. Applicable security directives and guidelines can include documents such as:

  • A clean desk policy
  • Access control procedures
  • Restricted area access
  • Visitor management
  • Background screening requirements

While physical security measures are critical, the access protocols and practices and the ability to screen and filter all personnel, services, deliveries, and equipment seeking access to the facilities and its environs are equally, if not more, important. The implementation and effectiveness of security systems, such as closed-circuit surveillance equipment, exterior and perimeter security systems and monitoring, and electronic access control systems, can be determined by the written guidelines and published rules giving instructions on the proper use of these technologies.

Training Is a Perishable Skill

The success or failure of a security program could depend on the training curriculum, security awareness information, and education materials designed not only for the security team, but also for the entire organization. Non-security personnel must receive ongoing and current training on safety-related information regarding emergency preparedness, fire prevention, and workplace violence mitigation, among many areas. Your best practice based security program should combine research, collaboration, institutional knowledge, and professional experience to produce training that engages people by providing practical and hands-on tools they can implement immediately.

Necessity Is the Mother of Invention

We adapt our policies and procedures to our needs and current situation. And the need for most new policies and procedures is driven by knowing current best practices and awareness of emerging threat scenarios. With clients in both the public and private sector, The Lake Forest Group offers you insight acquired through decades of engagements helping organizations assess their current security program—beginning with their written policies and procedures. From there, we can ensure that your corporate environment, financial services, international affairs, business operations, brand integrity, protective intelligence, operational protocols, budget execution, and human resources are built on a strong, best-in-class security foundation.


How to Protect President Donald J. Trump

It seems that Donald J. Trump has taken the fight to the Republican Party and shows no signs of going away as a serious candidate to become the GOP presidential nominee. As a matter of fact, at this point if it were a boxing match, the referee might have to stop the bout because the other contenders are bloodied, battered and beaten. Ever since he jumped into this race, Mr. Trump has been on the attack and the mainstay of his campaign has been to punch and counterpunch his competitors as well as his critics. Just ask John McCain, Lindsey Graham, Hillary Clinton, and Megyn Kelly, to name a few, how it feels to be in the crosshairs of The Donald.

High Profile Equals High Exposure

In today’s political world, these candidates become high-profile targets because of their high exposure. Due in part to the Internet and social media, sensitive information about candidates, such as addresses of private residences, family members, salaries, and business ventures, are accessible to the public. And magnifying this exposure, the candidates are constantly attending public events, especially in Iowa and New Hampshire that require maneuvering through crowds of unscreened people at functions such as state fairs and parades. A preventative protective methodology balances ends, ways, means, and threats to identify and assess risks in these scenarios and opportunistic vulnerabilities. To reach optimum event security, a thorough process of properly trained and prepared security personnel analyze appropriate risk control measures and apply interrelated countermeasures and protective tactics to harden these events.

I Stepped Into a Burning Ring of Fire

Event security planning can be more easily described by explaining the “ring” methodology. The five rings of protection are: (1) the outer perimeter typically secured by public sector personnel at the federal, state, and local level, filtering people, equipment, and vehicles requiring event access; (2) the middle perimeter is the event security assets comprised of private security guards and law enforcement officers screening and controlling entry; (3) the inner perimeter is the restricted areas inside the event site, such as the stage; (4) the fourth perimeter is the intelligence collection and information sharing between the private and public sectors; and (5) the fifth perimeter, the life blood of the event, is cyber security dedicated to critical infrastructure, including electricity, power grid, water, and communications.

If You’re Not First, You’re Last

Armed with the “knowledge and power of the rings,” a best practice-based event security template identifies appropriate countermeasures that will lower the various levels of risk. The countermeasures and design alternatives are specifically tailored to address an event security operational plan, executive protection measures, emergency preparedness policies, interoperable communications, and risk mitigation strategies. I believe the ability to meet security, risk management, and emergency preparedness objectives will—at many critical junctures—rise or fall on whether the security team can execute-to-plan. That is the benchmark and you should never settle for anything other than the highest level of execution and performance when designing your event security and executive protection strategies.

Imitation is the Sincerest Form of Flattery

Best practices in executive protection should be benchmarked to determine the most effective and efficient operations suitable for the candidate and the event. Following how the best executive protection programs keep apprised of emerging threats while also staying informed of industry trends in countering these risks will strengthen your own strategy. The advance work that precedes the arrival of the candidate is just as, if not more, important than the security employed during the event. A laser-focused emphasis needs to be placed on the preparations, strategies, instructions, and responses, so that if any crisis were to occur, all contingencies are in place.

Even though many of us are not experienced with protecting a presidential candidate as he or she moves through large-scale event venues, the tenants of rock solid executive protection and event security plans are still paramount to your own specific needs and situations.


The Boehner Case Speaks to the Need for a Threat Management Plan

The recent arrest of a country club bartender who threatened to kill House Speaker John Boehner makes a strong case for the need for organizations to design and implement an effective threat management plan. After Michael Robert Hoyt was indicted this past January, details of his life, mental health, work history, access to weapons, and regular proximity to a public figure have become available that present a situation in which an established comprehensive threat management plan might have avoided.  An effective threat management plan is constructed and implemented by multiple parties with different, but complimentary backgrounds. An experienced investigator, mental health physician, human resources professional, and protective security expert are examples of the applicable skill sets required to build the plan.

Often serving drinks to Boehner and other high profile members, Hoyt worked as a bartender at the Wetherington Country Club in West Chester, Ohio for five years until he was fired last October after several members complained about him. After his arrest, police searched his home and found an assault rifle magazine, ammunition, and a notebook containing “John Boehner” and “Ebola” among other writings, as well as lists of country club members. Arrest reports state that Hoyt was visibly upset about being fired, which might have prompted him to send an 11-page blog naming Boehner as the devil to his ex-girlfriend, neighbor, and father as well as emails to Debbie Boehner that mentioned his firing. In these communications, he claimed that he had the access and opportunity to poison Boehner’s wine if he had chosen to do so.

Other recovered documents state that Hoyt had been hearing voices though his car speakers telling him that Boehner was evil, eventually leading him to call 911 and ask the operator to tell his father he was sorry. When police went to his residence, he volunteered to be taken to the hospital for psychiatric evaluation. Hoyt had been previously treated for a psychotic episode two years ago and prescribed medication, which he stopped taking after six months.

As part of its protective responsibilities, my former employer, the United States Secret Service (USSS), has long held the view that the best protective strategy is prevention. In keeping with that tactic, their threat management efforts identify, assess, and control persons who have the interest and ability to mount attacks against USSS protected individuals. The Exceptional Case Study Project (ECSP), the USSS’s first operationally relevant study on assassins and near-assassins, was completed in 1998. The ECSP was a five-year operational analysis of the thinking and behavior of individuals who assassinated, attacked, or approached to attack a prominent person of public status in the United States. It employed an incident-focused, behaviorally-based approach consisting of a systematic analysis of investigative reports, criminal justice records, medical records, and other source documents, as well as in-depth interviews with subjects.

The ECSP determined assassinations and attacks on public officials and figures are the products of understandable and often discernible processes of thinking and behavior. Most people who attack others perceive the attack as the means to a goal or a way to solve a problem. An individual’s motives and selection of a target are directly connected. Ideas of assassination develop over weeks, months, even years, and are stimulated by television and newspaper images, movies, and books. Potential assassins seek out historical information about assassination, the lives of attackers, and the protectors of their targets. They may deliberate about which target—and sometimes targets—to choose. They also may transfer their interest from one target to another. After selecting a target, attackers and near-lethal attackers develop plans and sometimes rehearse before mounting an attack.

When conducting a threat assessment, protectors and investigators must also pay attention to the individual’s choice of a potential target, assuming the individual has selected a target. The following questions should be addressed:

How well is the target known to the individual? Is the individual acquainted with the target’s work and lifestyle patterns?

Is that information readily available, as in the case of many public officials or highly visible public figures?

How vulnerable is the target to an attack? What changes in the target’s lifestyle or living arrangements could make attack by the individual more difficult or less likely?

How sophisticated is the target about the need for caution?

How concerned about safety is the target? How concerned are those around the target (such as family or staff)?

Let’s see how these individual characteristics, investigative questions, information analysis, and management options apply in the Boehner case. First, the potential attacker had an evident process of thinking and behavior—he blamed the target for the loss of his job and the Ebola virus. Second, the investigation uncovered two red flags—history of mental illness and access to weapons. Third, he communicated with friends, family members, and Boehner’s spouse about his interest in the target. Finally, and the most concerning, the management component was missing because nothing was done to “manage” Hoyt until after the plot was revealed.

We can all learn from this incident and apply it to our own particular situations. We don’t have to fear an imminent assassination to understand the danger of a disgruntled employee and the importance of performing our due diligence in background screenings, proper investigative processes, and assessment capabilities that identify the initial signs of potential threats. When you recognize that a threat management plan must be in place to prevent harm from being done, have access to these resources, and are knowledgeable to the required multi-disciplinary acumen, you have a strong foundation upon which to build your own threat management plan.