From SEAL Teams to Corporate Security: Lessons from the Frontlines of Risk Management

0:00

Manish:

Jake Williams and Robin Miller are the co-founders of Fortified Risk Group, a premier securities consulting firm known for its integration of digital and physical security strategies. Jake, a former Navy SEAL with over a decade of operational experience, and Robin, a retired Navy SEAL with over 20 years of service, lead a team that delivers high-impact threat assessments, executive protection, uniform security, and risk mitigation solutions. Fortified Risk Group supports clients across industries, including healthcare, global manufacturing, large attorney groups, media, and finance, helping them stay protected and ahead of evolving threats. Please join me in welcoming Jake and Robin to the Connected Intelligence Podcast. Good to have you here, guys.

Jake:

Thanks, Manish, glad to be here.

1:20

Manish:

Yeah, we live in interesting times, don’t we? My goodness. By the time this podcast goes out to our audience, it’ll be perhaps a couple of weeks from now. But how do you reflect on maybe the present events and risks that are happening in the world and a little bit on both of your backgrounds as Navy SEALs and then eventually moving your way into the private sector? We’d love to hear each of your brief stories. Maybe Robin, starting with you.

Robin:

Sure. Yeah, I retired. in 2018 from, like you said, over 20 years in the SEAL teams or Naval Special Warfare. And really, I just was exposed to a really successful way of prosecuting our enemies, but really utilizing intelligence, really. How do you solve a problem? Well, you do your homework, do your upstream thinking, which is gathering all the intel you can, analyze those threats, find choke points, find weaknesses, and then capitalize on it. And that’s literally what I did for 20 years. And when I was retiring and Jake was getting out, we were just trying to figure out like, how can we use the skills we learned in our careers? And what can we do with that? And then we realized, this world that we live in is actually right now, it’s pretty challenging and it’s pretty kind of, I don’t want to say scary, but it’s kind of a dynamic world out there. And there’s a lot of threats that are, that are, that are, that are real. They’re very real threats. And what we chose to do is use the skills that we learned in our special warfare backgrounds. And it just kind of reverse engineer it for our clients. So we just look at our clients, all aspects and do what we would have done if we were targeting them. We look at them like they are a target and we use, well, very specifically Ontic to do a lot of our homework, a lot of our upstream thinking, and then we find those vulnerabilities and then we stop and then reverse engineer it and shore those up. I mean, I’ll let Jake speak to it as well, obviously, but that’s essentially what we do. We just use the information that is out there to keep people safe.

Manish:

Very, very insightful. Jake, what was your path?

Jake:

Yeah, I, like Robin mentioned, he and I met while we were on our Twilight tours, if you will. He was wrapping up just over 20 years and I was at 12 years and I was getting out of the Navy at that time. And I had the opportunity, like Robin, to spend a lot of time in non-permissive, semi-permissive, and permissive environments around the globe. And it really gives you a unique perspective because we spent a career targeting our nation’s enemies, and we saw what worked, and we did a lot of repetitions with that. And so as I was getting out and Robin and I were talking like how can we take all these skills we’ve learned to bring them back home and just help other folks with it. So our mission has been let’s keep people safe. Let’s give people access to real security solutions in these uncertain times. And like Robin was sharing, we reverse engineered that process. We would target, we’d do the analysis, collect the intel, figure out the vulnerabilities. And then once we knew where they were weak and where we could hit them, we hit them where they were most vulnerable and where it was most advantageous to us. And that gives us a really unique lens when we step in with our clients. We do that same assessment process, but now it’s like we’re on your side. Let us tell you where we think we’d find you vulnerable, and then we can help shore that up. With Ontic specifically, as we started doing our assessments and working with our clients, we felt this kind of gap in our service because we said, We both come from this world where we have a ton of intelligence at our fingertips, where we needed to put together a package for whatever the mission was. And it was like, we need to fill that. And so we were looking around and when we finally found you guys, we thought this is such a key component to our operation because now we can take this intel and use it with our clients. And like Robin was saying, upstream think and really allow us to provide a more holistic package to our offering.

6:02

Manish:

Very helpful. I’d love to explore a little bit about the similarities and maybe the differences of your backgrounds as it related to corporate security. Obviously, corporate security has a lot of the same patterns that you both just highlighted. But then there’s the corporate aspect to corporate security, the big capital C. What were similarities, what were big surprises or differences as you guys made that transition?

Jake:

Yeah, I guess I’ll kick it off, Robin, and then pick up where I missed out. I think some of the big, I’ll start with the differences initially, and it just comes with transition for us out of the service where we were a direct action element, right? We were tasked with going and doing direct action with the enemy, and that is not corporate security. We are very offensive in nature, and corporate security, obviously, is much more defensive in nature, with as much forward planning as possible to be preventative. And so just right off the bat, like the nature of that is, is different. And so us being able to couple that experience where we realized, like, hey, we’re not, we’re not building an assault team, we’re not going out to go after like a specific target. Rather, we want to fortify and put measures in place to mitigate the risk as much as possible. And while it sounds like a no duh, when you’ve spent a lifetime doing that, there is like, you have to have a bit of a deliberate mental shift. Like we’re not doing that anymore, but we’re still going to use that same experience to, to make it an effective security program.

Robin:

Yeah. And to add to it, you know, what, where we’ve seen success, well, I don’t want to disparage anyone in the industry, but we see a lot of folks in the corporate side, collateral is, I mean, security is like a collateral duty. Honestly, oftentimes it’s like a collateral duty to someone in facilities or like the structural management of like the physical security as a collateral duty. And if you have a threat, it’s just interesting because oftentimes we see that those folks, although well-intentioned, don’t necessarily have the, I’d say, background. So like Jake said, yeah, corporate security, you don’t need an assault force. But I spent 20 years in these non-permissive or war zones. And I just essentially, as a byproduct of that, I look at life different. And so, when I see things different, I wear this lens that sees things different than the average person does. And it gives us a very unique perspective to security. So granted, we’ve had to cater it very specifically to corporate environments in as much as we’re not fortifying with sandbags and machine guns, but like we’re using a lens to see these threats and then applying aesthetically pleasing contemporary physical security and digital security and really upstream thinking is a lot of what we do to be more proactive than reactive.

9:10

Manish:

I have a question about FRGs. So Robin, maybe we’ll start with you just continuing on this thread and then Jake, we’ll turn it over to you. Tell our audience a little bit about the mission of Fortified Risk Group and even how the name came about and how you guys really set yourselves apart. Maybe we’ll leave that last part to Jake, but talk a little bit more about the mission and the founding of FRG.

Robin:

I know you touched on it early, but maybe just to get you to understand the mission, you kind of have to understand the genesis of where we came from. When we, in terms of the company, when we started, we were consulting and then brokering security for our clients. Everything we do starts on an assessment. We have to figure out what your threats are and then apply measures. What we’re doing is applying measures by way of essentially being like a general contractor for their security or an external director of security. We would vet third party in every aspect from like physical stuff to tech to all sorts of the whole spectrum. And what we found was no one really does it very well. And man, I got to be careful. The industry is mediocre at best, I found. And in as much as the providers, because I think it goes back to so many people just don’t have a background in, in this and don’t necessarily see things the way we see it. So when we started, we were consulting. And then very quickly, relatively quickly, we realized we have to do this ourselves. Because the third party in all those different aspects, just weren’t doing it to our level. And what we expect is perfection or as close to perfection, because at the end of the day, what we’re really doing is keeping our clients safe. And what we found is using these other entities, they weren’t actually providing the services we were advertising to our clients. Well, let me turn over to Jake where the name came from then.

Jake:

Fortified Risk Group, just in the name, just we are, like we mentioned, we’re trying to fortify places, we’re trying to put that defensive posture, because we’re not an offensive team in that case, and just fortify your risk. And we’re a group that solves all kinds of problems for various entities. I would say like, you know, the mission Robin was hitting on is like, we just the bottom line, like we want to, we want to keep people safe. And we wanted to provide people that were looking for security solutions, just to have access to like a very realistic solution. That was our mission and that’s been our vision this whole time is like provide real access, so that people can live the life that they’re pursuing without all these other risks and factors playing a negative part in it. And then as far as setting us apart, a few things, I think one, we’ve taken this approach that works very well in our in the SEAL community for us. And it is that, it’s that integration of digital and physical security, where we live in this age where if those two elements are not communicating, then you’re gonna have massive gaps in your security plan. And so we’ve taken the physical approach. And we’ve taken the digital approach where we say, we, you know, we run deletion services on our clients, and we run these digital advances on our clients. And then we’re providing that in near real time back to our teams on the ground, because we sought work in the SEAL teams. And we know like, if our guys are on the ground, whether they’re protecting a facility, or they’re moving with a principal, if they can have near real time or real time ground truth of like, hey, what’s the rest of the world saying about you through a system like Ontic, then they’re that much more equipped. So not only are they monitoring cameras and looking at the natural environment, but they also get to see like, what’s the what’s the dark web feed right now? What’s the open web feed on the Ontic dashboards. And that’s been a huge It’s a huge thing that sets us apart because our clients know, not only do I have a very qualified and capable person that’s protecting my facility, but they’re in tune with the outside world. And that’s been incredibly helpful. Some other things that set us apart on the physical security side is we’ve designed a proprietary selection process. All of our agents go through an interview process. And then we’ve built out these scenario based training activities. So we take them into a training house, like what’s called a force on force room or a shoot house in our own world. And they’re faced with different scenarios from very permissive everyday scenarios to stuff that ramps up, and it allows us to evaluate how does this person make a decision in a low-stress, medium-stress, high-stress, life-threatening environment. So we get to evaluate their interview process, we get to evaluate them in these different situations, and then we even put them through a physical fitness test as well. So you know, like if you’re hiring Fortified Risk, you’re, you’re getting an agent that has almost all of our guys have a military and law enforcement background. They go through this proprietary selection process that we’ve designed and put them through with our own team. And so if you’re wearing our uniform and they show up to protect you, you’re getting, you’re getting our stamp of approval.

Robin:

Can I add something to that?

Jake:

Please.

Robin:

Yeah. Like what, what we do in this selection process eventually is we engage the sympathetic nervous system. And God forbid anyone ever needed to use a firearm in their line of work. If you haven’t engaged, well, one, you need to be proficient with firearms. And we do quarterly training with our agents across the country, regardless of the state requirements. So they’re training, in some instances, like 400% more than the state requires them to. But the other thing is with the selection side is we will get their sympathetic nervous system. And if you haven’t been trained in that, or inoculated, or exposed to that, most people essentially freeze up, or they go into fight or flight. And if you are responsible to be the buffer between this incident and our client, and you haven’t engaged that sympathetic nervous system, or been even aware of it, we can see. We’ll instantly see it. But what we’ve really noticed is when we hire, our pool is mostly law enforcement, tactical guys, and or military folks, and it’s just part of the process. Carrying a firearm is very common in these action arm parts of the military, so they’re a condition for the security and safety of firearms. But then more often than not, especially as a by-product of having been at war for the majority of my life and most of our employees’ lives, is they’ve been inoculated. They’ve been exposed to stress. So then, God forbid, they have to draw their firearm, or they, one, had the repetition with us for drawing a firearm, so they can use bandwidth to really make a really good decision, and in most cases, de-escalate. Whereas the opposite side is if folks haven’t been inoculated to stress, and they find themselves in this really high stress situation where this empathetic nervous system is engaged, more often than not, we see people fail. So our system catches that before we even consider hiring them. We can see in a relatively short amount of time if someone is right for us, if they’re right to put our uniform on.

17:26

Manish:

Your mission, your differentiation is very clear. I want both of you, and only one of you could answer, or both of you could answer, is there a day that either of you could remember, don’t name the client, but a day where you put all of this into practice that you’re most proud of?

Jake:

Absolutely.

Jake:

I don’t know if I can give more detail than that without exposing who the client is, though. but maybe speak in more generalities. Yeah. Yeah. There’s a few things come up and, you know, even as I like was thinking about this and looking through just different scenarios to potentially discuss. Um, I think about, and I know we’ve got questions here that kind of made me think about it, but the system, one of the systems that I think has been so effective, and we talked about all the selection, we talked about all the training, we talked about putting the intel together. We had an alert come through from Ontic. It was an arrest release. And so on that, on that arrest released we said, Hey, this person who’s made these very explicit threats has just been, they’ve served their time and they’ve just been released from jail. So our intel team is able to push that out to our guys on the ground who’ve been through these scenarios, not only with us in practice, but also in previous careers and our career, they get this information that says, Hey, like our threat is definitely elevated now because this person’s just been released. We know that they were locked up because of this particular client and all that information flow works out, it makes its way to the team. We’re able to adapt and change the posture as needed and ultimately mitigate the threat. I think another example, kind of going the opposite direction where we’ve, we’ve got our guys monitoring the platform. We pick up on some threatening posts almost as explicit where, and we’ve had, we’ve had stuff to, I’ve got these explosives in my vehicle and I’m on my way to this particular location to come after this particular group. We pick that up, it gets pushed to our guys on the ground. And at the same time, we’re contacting DHS, FBI. And so the lines of communication are open, and people are able to respond appropriately. And then that person gets arrested. And so it’s, it’s this huge win. It’s but it’s never a headline. And we don’t want headlines. We don’t want a news story. It’s like that quiet, kind of a silent professional, I guess you could say, only because we were able to upstream plan a little bit. Does that kind of answer your question there? 

Manish:

Yeah, those are great.

Robin:

We’ve had, in the executive protection side of the house, one, we never, oftentimes when we’re working with potential new clients, they want to hear a tangible time where our guys drew their gun and eliminated the bad guy. Well, no, that hasn’t happened because then we fail. There’s a higher probability of that happening had we not have access to Ontic. But we have had some close calls. We have some relatively high profile clients that engage with the public. And our EP teams have been notified in near real time that a protest is starting, a riot is starting, and we’ve been able to intervene. We call it, you know, upstream think. So our team didn’t have to draw their fire. They didn’t have to go in an emergency procedure, but they instantly changed egress routes, went to a different door, got our clients off the X nearly instantaneously where, in theory, it really could have been bad had we not had that real, it’s really close to real-time access. But, you know, we have people, the higher the threat, our intel team is constantly monitoring, depending on, you know, something super low-vis, you know, a low-profile client doing a very low-profile thing, it doesn’t necessarily demand or require our full intel team watching everything. But a lot of these high-vis people, they need it, and we have to provide them that information, but it’s just because we had that access, we saw that information come in on Ontic, and we were able to instantaneously relay that to the shift lead on the ground to make instantaneous reaction. Proactive, get them off the X.

22:18

Manish:

Those are great examples. You guys have your ear to the ground on what clients are concerned about these days. What’s rising to the top? What are clients now concerned about, maybe that they weren’t concerned about a couple of years ago?

Jake:

We probably have some, we have some high level general examples. And then like, if we were to drill into industry, there’d be some more specifics, but from a high level, people that have this organizations are really concerned with insider threats, active shooter from an organizational level industry agnostic in that sense, when we get it into our like higher profile, high net worth clients their big concerns are, getting doxxed, getting exposed, being approached, or even being like these assassination attempts that we’ve seen lately are of huge concern. We’ve seen it, unfortunately, in healthcare, but that fear spreads way beyond just the healthcare realm. And then even tragically and unfortunately, just recently, we see these lawmakers get assassinated in their home. And so from the high profile, high net worth, that is the fear. Like people know where I am and I’m not safe. And on the corporate side, organizationally, we see the insider threat as a big fear.

Robin:

But the assassination of the healthcare executive, yeah, that did spike things. There was a huge spike in requests in the corporate world across the senior leadership, the C-suite individuals. It’s been pretty constant since then.

24:04

Manish:

Understandably. Now, as you guys think about threat assessments or risk assessments, there’s the speed versus let’s be as thorough as we can. Where are you guys on that spectrum? I know it depends, but how has that been evolving for you inside of your firm and as a practice?

Jake:

Yeah, I think we have a few examples, I think we could share, Rob, because we have very deliberate threat assessments, where our team gets hired to go on site for multiple days, and do a very thorough infrastructure analysis and assessment. And then there’s other times where like, on the executive protection side, you’re doing a quick advance because a mission or you know, some sort of product just came down the pipe, I could touch on the kind of the deliberate one. And if Robin, you want to hit on maybe the more hasty advance for an EP project. But on the threat assessment for like a client, either an existing or a prospect will say, we have this facility x or company y, and we need an assessment, we come in with a team of our consultants, and we have a pretty robust process and evaluating the physical infrastructure, the digital infrastructure, and then we’re looking at the human just the human resources side of it all. And so that’s a multi day or or longer process of just running through our lists. We’re looking at every single lock. We’re looking at every single door. We’re looking at every single entry exit point. We’re looking at the vegetation, the parking lot, the flow of traffic. We’re looking at significant activities in and around the immediate area. What are the crime statistics? We spent a lot of time with the key stakeholders within the organization, and then we’ll do a big swath of people throughout the organization as well to really get an idea of, okay, you have policies and procedures, but how many people know them? How many people are practicing them? How often are they rehearsed? And so that’s what a very deliberate assessment looks like for us. And then we end up, we’ll push out a deliverable that has, you know, items, our findings, our recommendations, and then a roadmap to, hey, you scored a 68, but if you want to get to a 98, this is how you can get to a 98.

Robin:

To touch on more of the hasty side, well, we have that capacity or that capability, but we try not to ever require to do hasting. And in terms of executive protection, it’s one finding the right client too. There are, you know, everyone says the customer is always right. That is not true, at least for us. Because if we say we do an assessment on you and we say your threat level is X and to mitigate that threat, we need to go to X plus whatever. And if you say, yeah, we like that, but you know, we just don’t want to, that doesn’t sound right to us. We just like to cut it back to X minus one. We just say with all due respect, here’s your pathway to health. But we’re going to, we’re going to walk away. It’s just using trade craft too, and field craft that is consistent with our tactics, techniques, and procedures. If one of our executive protection clients requires, um, boots on the ground, we adhere to like most fundamental procedures. You know, there’s no such thing as one man EP or one person executive protection. Yeah. How are you driving the car and getting the person out the door and all this stuff? So we, you know, we have two, three individuals on someone at a minimum to it, to be consistent with fieldcraft. So it allows for people to do advances. It allows for proper drop-offs, pickups, stuff like that. But there are occasions where there’s a relative hasty, a client is or he’s the example client. It wasn’t going to launch, but now he’s going to launch. Right. We’re not going to, we don’t want to impact their, their, their day to day. But if we don’t have the capability of instantly sending someone to do a physical advance, there are our EP team that is instantly in contact with our intel analysts and saying, hey, we’re going here. Our guys have a very elaborate process that they can do very quickly, assessing all the doors, exits, entrances, looking at all the significant activity in the area. They can send them a deliverable that is very formatted so our guys can real quick read through it and understand what and how to approach this problem. Then we’re never afraid to tell our client, this isn’t a good idea. And what we’ve seen in the industry is that doesn’t always happen. But there’s a fine line, right? The last thing we want to do is be inconvenient, but security is not convenient. You have either, you have a quick, effective life, or there’s going to be some slowing down when you have a profile and a threat, because to mitigate threat requires a little bit of, it’s just the nature of security slows things down, so we try not to. But what it really goes back to though is we have to find the right client too. And I said that earlier, but we have had to say no quite regularly. A client will tell us how much security they want and what they want doesn’t always match up to their threat. And then on the flip side of that, you know, we’ve used a, Jake and I always say, we use a calibrated moral compass to navigate. So we never sell our clients three units when they only need one. So a client has occasionally maybe some ultra high, whatever, this person has the capacity financially to pay for everything, right? But they don’t need everything. So we do a threat assessment and say, you know, we’re grateful with what you need, but you may not need 10 units, 10 executive protection agents. What it really all goes back to is the threat level. Are we mitigating the threat or are we unnecessarily accepting threats? Occasionally, we have clients that need to get from A to B, and the threat went up. But we thought about that. We’re always thinking way upstream. So we had a standby team a couple blocks away. Something to that effect, if that makes sense.

30:34

Manish:

It does. It does. We only have time, unfortunately, for one more question for you guys. Again, thank you both for joining. It’s been a great conversation. You both again in our audience really would appreciate hearing your thoughts given both of your backgrounds as SEALs. Is there a lesson in leadership, I know that’s a hard one to pull from thinking about all the lessons in leadership that you’ve experienced as SEALs and throughout your careers, is there a lesson in leadership that would be beneficial to our listeners again, from that background, from real-world experiences with your corporate clients. But I’d like you to go back as far as you can, particularly with your CELO training. And Jake, I’m going to start with you and then Robin.

Jake:

Well, hopefully, I know we have multiple examples, but he may, hopefully I don’t steal his. Man, it’s a great question, Manish. And when I think and I think about it, this one kind of blends maybe a couple of items. But one of the things in the special operations community is we’d always say, humans are more important than hardware. And I think that’s probably been one of the most powerful leadership lessons for me, I learned it as a new guy in the SEAL teams. And what that means is, like, the amount of money and the time and the value of that human asset and special operations, It’s more important than the tank, it’s more important than the ship, it’s more important than the helicopter. Because ultimately, we’re the ones on the ground making the decision. And so I think in this business, we push our team, we want that we hold to high expectations. But at the end of the day, our guys on the ground are the most important aspect because they are the ones making the decisions in real time. And so we’re very, Robin and I’ve been very deliberate about the clients we work with. We will never put our guys in a position that we ourselves wouldn’t want to be in, or wouldn’t ourselves put ourselves in. And so there’s, there’s, when Robin was talking about, we say no to those people, if it doesn’t, if it doesn’t fit our mold, whether it’s because we said, you need x, and they’re saying we want x minus, it’s like, we’re not going to do that because Robin wouldn’t stand that. I wouldn’t stand that. And it, that to me, I really fall back on as a young SEAL. When I was first taught to me, like the guys on the ground are the most important asset we have, it has stuck with me for a long time. 

Manish:

That’s great. Robin.

Robin:

You know, as a young SEAL and as an operator, the key phrase was take care of your gear and your gear will take care of you. Well, as you, as an enlisted guy, you work yourself up into more leadership positions. And the big phrase was take care of your people and your people will take care of you. So just to reiterate what Jake is saying, take care of your people and they will take care of you by leading by example, setting the bar high and lead by example. A servant or service, you’re providing services to your people, lead by example, and just do the right thing and through repetition, only through repetition, perfect practice will make perfect.

34:07

Manish:

Great insights. I do have one, one last question. It is tradition with our podcasts to ask the question, what does Connected Intelligence mean to you? And if each of you could just condense it down to one line or one sentence, I know that’s hard, but.

Robin:

Jake is gonna have to lead first.

Jake:

Connected Intelligence, it means Ontic to me. No, Connected Intelligence is having clear lines of communication in place. that allows relevant information flow to make it from whoever it’s happening to the people that need to be the recipients of it so that we can use it actionably.

Robin:

Streamlining communication, flattening comms to get information to the end state user as fast as possible.

Manish:

Thank you both for joining us today. Yeah.

Jake:

Thank you.

Robin:

Thank you. We appreciate it.