c
c
cc
     
 

Articles

Hindsight is Indeed 20/20
Why Case Studies are Such a Vital Tool

By Mary Beth Wilkas

 

As security professionals, we have a duty that extends beyond the actual protection we provide, one that encompasses a need to scrutinize even the most minute details of an incident, whether it was a threat which was interdicted or an attack that was successful, and glean those lessons learned that will ultimately ensure that similar incidents are better protected against.  With every tragedy and potential tragedy that occurs due to a breach in protection protocol, an opportunity exists for a case study to be created and analyzed.  As fellow protectors, we have a profound responsibility to reflect upon the mistakes made by fellow security practitioners and the ability to make the changes necessary in how we operate so that the same mistakes or miscues do not place our protectees, or those of us responsible for their safety, in harm’s way unnecessarily. 

The following is an example of what a case study should consist of. Whether you are the one compiling the study or simply a protection agent seeking to improve your knowledge, skill and ability to provide the most value, a case study should meet the following basic criteria:

  • be detailed and as specific as possible

  • provide accurate and timely information

  • above all else, provide an objective point-of-view

While compiling and reviewing a document that casts a critical eye towards someone else’s work can be difficult, doing so is absolutely vital to the process of improving the tactics, techniques and procedures we use to protect our principals.

On March 30, 1981, John Warnock Hinckley, Jr., in an effort to impress actress Jodie Foster, attempted to assassinate President Ronald Reagan.  At 2:25 pm EST President Reagan, just 69 days into his Presidency, exited the side entrance of the Hilton Hotel in Washington, DC.  Hinckley was outside waiting for the President in a small crowd of supporters and press.  As Reagan turned toward Michael Putzel, an Associated Press reporter who had called, "Mr. President," he heard a pop-pop-pop sound.  Reagan turned and asked, “What the hell’s that?”  By the time the reality of the situation sunk in, John Hinckley had already fired six “Devastator” rounds from a Röhm RG-14 .22 caliber blue steel revolver in less than 3.0 seconds.  The following details the fate of each of those six “Devastator” bullets, round by round, and those who were in the kill zone at the time the attack was launched:

  1. Hit Press Secretary Jim Brady in the right side of the head.  He remains paralyzed on the left side of his body.

  2. Hit Washington, D.C. Police Officer, Tom Delahanty, in the back of the neck.

  3. Overshot the President and hit the window of a building across the street.

  4. Hit US Secret Service Agent Timmy McCarthy in the abdomen.

  5. Hit the bulletproof glass of the window on the open side door of the President's limousine.

  6. The cover and evacuate process was already in motion.  While this was happening, the 6th round hit the bullet resistant window of the back door of the Presidential limousine as it was opened, it ricocheted through a small gap between the body of the car and the door hinges, flattened out to the size of a quarter with jagged edges and entered under the left armpit area of the President.

From the moment Hinckley began shooting, those United States Secret Service Agents serving on the elite Presidential Protection Detail (PPD) whom were on duty that day kicked into high gear. Just as they had practiced literally hundreds of times before in training, they had already begun saving the life of their Principal:

  • Ray Shaddick, PPD Shift Leader, had opened the back right door of the Presidential limousine for the President to get in;

  • Timmy McCarthy, upon hearing the first shot, instinctively turned and faced the attacker, spread-eagling himself to make as big a target as possible.  In doing his job, Timmy McCarthy took round # 4 in the abdomen.  To this day, he is the only U.S. Secret Service Agent to “take a bullet” for a President;

  • Jerry Parr, PPD Agent-in-Charge (AIC), grabbed Reagan by the waist and covered him with his body, practically tackling the President as he shoved him through the open door and into the limousine

  • Ray Shaddick, PPD Shift Leader, forced both Reagan and Parr into the back of the President’s limousine.  Reagan landed with his face on top of the armrest across the back seat with Parr on top of him.  Parr was physically covering the President, providing body cover in case there were any further attacks;

  • Jerry Parr, PPD AIC, did a physical check of President Reagan once he determined they were out of the attack zone and the limousine was on the way back to the White House.  During this time, Reagan told him that he thought Parr had broken one of his ribs when he landed on him because his upper back was in excruciating pain.  At that moment, Reagan coughed and Parr saw bright red frothy blood coming from Reagan’s mouth.  He knew this meant Reagan had lung damage; in fact, it indicated that the President’s left lung had collapsed.  Parr immediately told the Limousine Driver, Agent Drew Unrue, to switch destination from the White House to George Washington Hospital;

  • The Command Post Agent manning the radio communication back at the White House called GW Hospital and made sure the necessary medical personnel, blood and operating rooms were ready for Reagan’s arrival;

  • The Limousine Driver, Agent Drew Unrue, knew exactly what route to take to GW Hospital from any point in the city.  He got the President to GW Hospital in the quickest amount of time possible.  Reagan’s doctors say that, had Reagan arrived 2-3 minutes later, he would have died.

Each of these Agents, while acting individually, worked together as a team and was responsible, in some part, for saving the life of President Reagan.  They reacted quickly, methodically, professionally and in the manner in which they had been trained.  Well done.  Or was it really well done?  The obvious question still lingers, “Why and how did this incident happen in the first place?”

The answer is not because the “bad guy”, John Hinckley Jr., was smarter, stronger or better than the Secret Service Agents assigned to the PPD.  Hinckley was not working with anyone to accomplish his goal; he did not have an experienced team working with him to pull off this attack.  He didn’t even have a plan of attack that had been evolving over a lengthy period of time; in reality, Hinckley did not even have much of a plan at all.  He had simply arrived in Washington, D.C. the night before via Greyhound bus with the intention of impressing the woman he was obsessed with in order to gain her love. 

As is often the case, the answer as to why this incident ever transpired is, very simply put, because even the best can make mistakes and even the most capable protection professionals can take things for granted. In order to recognize and identify this we have to go back to a point in time well before the first round was fired. In this case, that point is earlier in the day on March 30, 1981, when the United States Secret Service (USSS) did the same advance they had always done at this “routine local stop”, the Hilton Hotel.  They simply referred to the information contained in the local stop advance book and filled in whatever blanks were necessary.  As events would later demonstrate, that was their first mistake. In addition, prior to this incident, the press and public were never separated at the arrival/departure point. The conventional thinking was that there was really no need to create such a division since any public departure usually involved a seldom-used exit and that system never presented any problems in the past. Add to that the fact that these departures were typically quick and unpublicized so no one ever questioned the survey or the reasoning behind that protocol. That is, of course, until sometime later in the day on March 30, 1981.  By the light of day, that was clearly mistake number two.

Fortunately, this attempt to assassinate Reagan was unsuccessful and the US Secret Service, along with the rest of security community, was able to convert this tragic incident into an extremely useful training tool.  As was the case with the training the Agent’s on the ground that day had gone through previously, the first step to creating this post-incident training tool was the development of a case study to identify the lessons learned from that attack. While entire training courses have been created around this incident, there are several lessons learned and security modifications derived from just this one incident that are valuable to anyone endeavoring to provide close protection. With a little bit of forethought and imagination, these lesson can be applied to nearly every protection scenario regardless of how small or large the pool of available resources is. Included amongst these lessons are:

  • Arrivals and Departures  Arrivals and departures choreographed by the USSS are now rarely done in the open/in public.  If they are done in public, several security measures are put into place.
      • A press area is set up and a Press Agent is assigned only to cover this area.  The Press Agent is responsible for having the EOD team check equipment at least an hour before an event, to check each member of the press for proper credentials and to assure that during an event, the press stays within that designated area. 
      • The public is set further back and a barrier, or cordon, is used to keep them in one area.  At least one Secret Service Agent is typically assigned to monitor and wander within the public area, depending on the size, location of the event and manpower.
  • Hospital Advance   Hospital Advance Agents are now in place at an undisclosed number of hospitals during a Presidential movement.  They do not leave their posts until the President is “wheels up” plus 30 minutes, give or take.
  • Ballistic Vests   Shortly after the attempt on Reagan’s life PPD and VPPD Agents were personally fitted for ballistic vests that looked just like white or blue dress shirts.  On March 30, 1981, Timmy McCarthy (the USSS Agent shot in the abdomen during the attempt) was not wearing a ballistic vest.  At that time, the decision was generally left up to the SAIC, the Shift Leader, or the individual Agent himself to wear or not wear a vest.  One PPD Agent told me that he could remember being ordered to wear a vest on less than five occasions prior to the attempt.  Following the attempt, USSS Agents wore them on every trip, taking them off only when they were on Air Force One.
  • Training  The amount of training the US Secret Service Agents involved in this incident had prior to the attack was obvious and admirable.  Training is vital, necessary and an aspect of the security industry that must be incorporated day in and day out – not just once a year or, worse yet, once in an Agent’s lifetime.
  • Teamwork  The AIC, Shift Leader, inner ring Agents, CP Agent and Limo Driver all had equal responsibility for Reagan’s life.  They were a TEAM!  If any of these people had panicked or failed to do exactly what they were supposed to, Reagan very likely would have died that day.
  • Threats  The attempt on Reagan’s life was a realization that it is not just political fanatics that threaten our Principals.  This was an individual, John Hinckley, obsessed with Jodie Foster, a Hollywood actress.  He did not harm HER, he “hoped to impress her with the magnitude of his action”.  He chose the President of the United States.  There were no warning signs and no prior threats.  Hinckley was never even a blip on the radar as far as posing a threat to Reagan.

Lessons learned and subsequent modifications to security protocols and tactics in response to the Reagan Assassination provides us with a glimpse at the core value of a well developed case study.  These studies document from whence we came and how we got to where we are today.  Just about every modern protective technique or protocol is rooted in a “lesson learned” from a real life security incident, not from some scenario dreamed up in the sterile confines of the training arena.   

While I consider myself fortunate to have had the unique privilege of working with two clients who sought to improve their security prior to any specific threat or deliberate attack, it should be recognized that this is not often the case. Most protection professionals are working today due to the simple fact that there has already been a threat made or because an incident has already occurred, highlighting the fact that we are typically a reactive society, as opposed to a proactive one.  There are dozens of examples in the security world that lend support to this statement.  For one, contrary to popular belief, the Secret Service was not created to protect the President of the United States; in fact, it was formed in 1865 to suppress counterfeit currency. It was not until 1901, following the assassination of President McKinley, that the Secret Service was requested by Congress to provide Presidential protection.  Even then, only two Agents were assigned permanently to the White House.  Today, more than 100 years later, the Secret Service employs over 3,000 Special Agents, uniformed officers and other technical, professional and administrative support personnel. Their duties have also expanded to include protecting the President and Vice President of the United States, their families, former Presidents, Presidential candidates and other “special cases”.  This expansion didn’t occur randomly; rather, it is a result of mounting threats, assassinations, assassination attempts, attacks and just the current state of security in the world today.

From a historical perspective, here are a few interesting incidents from both the public and private sectors that illustrate the reactive society we live in and how even the intended target’s perspective on security changed following the incident:

  • Incident #1, Assassination of Bobby Kennedy.  The1968 Democratic Presidential candidate was assassinated by Sirhan Sirhan at the Ambassador Hotel in Los Angeles. 
    Result -  The Secret Service began protecting Presidential candidates
  • Incident #2 Kidnapping of Kevyn Wynn. In 1993, the oldest daughter of Las Vegas casino mogul Steve Wynn was kidnapped from her exclusive Spanish Trails condominium. 
    Result -  Steve Wynn had a massive residence built in a more secure, isolated location, moved his whole family there and hired a security team to protect them.
  • Incident #3, Murder of Gianni Versace.  In 1997, Italian fashion designer was murdered on the steps of his oceanfront home In Miami, FL by spree killer Andrew Cunanan. 
    Result -  The Versace family hired a high-profile security firm to protect them.
  • Incident #4, Bill Gates Attacked.  In 1998, the owner of Microsoft got two pies tossed in his face by Noel Godin.  He was being protected by contract security.
    Result -  Bill Gates hired a permanent security team.

The results of each of these incidents highlights what may be the most useful aspect of any case study - the fact that the incident being examined actually happened, out there in the real world, involving real people, often times under rather ordinary circumstances. There is no need to make anything up, invent the details or develop some complex theory regarding what happened because its all right there on video, in the newspaper or in the history books. There is no need to exaggerate the shortcomings in the protection plan or the mistakes made by the protectors, they scream at us from the screen or the pages in front of us. This makes the case study a powerful tool which can be used by the security practitioner to make a compelling case for security improvements. Perhaps most importantly, there is no need to imagine what might happen if we do not take our duties seriously. A detailed, objective case study will clearly illustrate what will happen - because it already has. 

Beyond those few, select incidents, there is a long list of reasons why case studies are a valuable tool for security providers, and how the lessons learned from one incident can be applied to various facets of protection.

  • Scrutinizing case studies reminds us just how important training and teamwork are each and every day we decide to work in this profession.  The terrorist, the psycho, the stalker, the extremist – the “bad guys”- have to be on their game, so to speak, just once. We, as security professionals, have to be on all the time (e.g. The Yitzhak Rabin assassination in Tel Aviv 1995).
  • Analyzing case studies reminds us how modern-day techniques, tactics and procedures came to be (e.g. Since the Reagan assassination attempt on March 30, 1981 in Washington, D.C., Secret Service Agents now wear fitted vests).  In addition, many of us now incorporate Hospital Advances in our preparations and, if we have the manpower, post Agents at those hospitals. 
  • Looking at case studies reminds us that just because our Principal is adored and loved by his/her fans, supporters and the media does not mean they are immune to attack (e.g. Gianni Versace was shot and killed by Andrew Cunanan in front of his Miami, Florida home in 1997).
  • Analyzing a given case study allows the practitioner to evaluate what security measures did not function as intended, or as well as originally thought (e.g. Ronald Reagan assassination attempt in Washington, DC 1981).  What worked – teamwork and training.  What did not work –  viewing the event as routine and conducting a presumptive advance.
  • Case studies may also tell us what works best for a given situation. They can tell us where or when the cordons of security have not been penetrated and/or where a perpetrator has not been successful and exactly which elements of our security operations or team actions were successful. This provides an opportunity for us to emulate those TTPs that have worked well in the real world. (e.g. Any given day that we get our principal home safely provides the opportunity to assess our operations).
  • Analyzing case studies improves our “attack recognition” capability.  By learning the who, what, where, when, why and how of an attack, we familiarize ourselves with the modus operandi used to carry out an attack.  Rarely are two attacks exact in their TTPs; however, exposing protection providers to attack recognition factors provides an obvious benefit – knowledge.  This knowledge may allow the security practitioner to recognize a potential Attack On the Principal (AOP) early in its life cycle, providing ample time to disrupt the attack or interdict the attackers.
  • Analyzing case studies keeps security professionals fresh and attune to the realities and dangers of the job.  This should be a constant endeavor for any security team.  Evaluating a Protectee’s environment for factors that can lead to an AOP can prove invaluable and thwart an attack.  (e.g. The case of Kevyn Wynn, the daughter of Las Vegas casino mogul and multi millionaire, Steve Wynn).  She was kidnapped right from her exclusive Las Vegas condominium when she was 26 years old.  Now, look at your own protectee and ask yourself what you do, could do and will do to prevent this from happening to him/her or their family.

Case studies based on actual attacks are truly a gift, which as security providers we can give to ourselves and share with others in the profession.  History dictates that we could not ask for a better training tool than a real-world incident that serves to analyze the situation, evaluate the performance of the protectors and identify the mistakes made by fellow security professionals, allowing us to, perhaps, rectify our own modus operandi.  When compiled properly and used appropriately, case studies have been proven time and time again to be an invaluable tool. That is, of course, if we choose to recognize their value, heed the lessons learned and endeavor to expend the time and energy to remedy any problems we may recognize in our own tactics, techniques and procedures.

In the realm of protection, we may never know how many attacks we have repelled just by doing our job correctly.  However, our mistakes serve as glaring reminders of what happens when we do not perform well. The duties of our profession often become mundane and protecting an individual can become nothing more than routine; the Reagan case study demonstrates that routine may lead to failure and complacency dulls our ability to perform at our best.  Obviously, this is a bad thing.  As mentioned earlier, the unfortunate reality is that, as protectors, we are expected to be “on” 100% of the time, yet the “bad guy” only has to be “on” just once.  This is the challenge we face every day on the job; a challenge that can be met, in part, by embracing case studies and actively pursuing the knowledge they can provide.

About the Author
Mary Beth Wilkas is currently the Vice President of Operations and Business Development for ABILA Security & Investigations Inc., a respected international security provider headquartered in Colorado Springs, CO. She previously served as U.S. Secret Service Agent assigned to the Washington Field Office during the Bush Sr. Administration. Following her government service, Mary Beth worked with the Organization of American States (OAS) providing protection to the OAS ambassador during an international election observation mission in Peru.  Later, she was recruited to serve on a security team contracted by the Department of State to protect the President of Haiti. Subsequently, she was selected to provide Diplomatic Security training to foreign nationals through the U.S. State Department-sponsored Antiterrorism Assistance Program. Additionally, she spent 2½ years serving as the Security Advisor to the Minister of Defense and the Vice President of Colombia, under the auspices of the US Embassy. Ms. Wilkas holds a Bachelor of Science degree in Criminal Justice, and a Masters degree in Forensic Psychology. Her work in this field led to an assignment as a Counselor in the Stalking Unit of Victim Services in the borough of Queens in New York City, during which time she researched and created a Stalking Risk Assessment Prototype.  She is also the co-author of a chapter featured in the book ‘Stalking Crimes and Victim Protection: Prevention, Intervention, and Threat Assessment’.

 

Sign Up for our Email Mailing List
Email:  




 

home · courses · about us · facility · contact

Please direct questions or comments about this site to info@vehicledynamics.net.
Copyright © 2009. VDI, Vehicle Dynamics Institute. All rights reserved.