Strategies Against Hostile Surveillance

Surveillance, as I’ve previously explained, is a wide, deep and varied field, which in turn means that the strategies against it are no less wide, deep and varied. And though there are endless ways of looking at this field, and endless categories, subcategories and combinations of categories, in order to properly discuss this subject, we simply must start at some fundamental point.

The best way I’ve found to start discussing the strategies against hostile surveillance is to define four general categories:

Attack deterrence

Attack deterrence is the idea of painting an unwelcoming picture for hostile surveillance to see.
Security should try to make it clear to the hostile entity, as it conducts its surveillance, that the target in question is not an easy/desirable one; making it more likely that the hostile entity will either abandon its plan or take it elsewhere.

This simple and effective strategy doesn’t necessitate any type of specialized training on surveillance detection. It can be achieved through strong visible security presence, breaking of routines (whenever possible), Physical barriers, solid access control, and generally maintaining a high level of awareness, vigilance and professionalism.

In some cases, concealing the access control process can also help harden the target as this will make it harder for hostile surveillance to collect information on it – thereby making it harder to formulate a plan around it.

Another effective, if somewhat less conventional, set of actions that can help deter an attack are various activities that are difficult for the hostile surveillance entity to see and/or understand. Activities such as randomly photographing certain areas and people around the target, sporadically writing down license plate numbers of random vehicles in the area, etc. The random nature of these actions is precisely the point. Hostile surveillance operatives are not likely to assume that such activities are randomly performed for no good reason, which will force them to try to understand them better. Security, after all, is a major factor for hostile entities to understand and plan for, and the simple act of trying to understand such random activities will, at the very least, lengthen the process of surveillance; causing the hostile entity to increase its costs and assume more risk.

This shifting of the cost/risk-benefit ratio should further raise the probability that the hostile entity will either abandon its plan or take it to a different target that can be more easily understood.

Remember, the inability of security personnel to identify hostile surveillance, does not necessarily mean that the target is left completely vulnerable. Though this strategy might not guarantee safety (nothing actually can), it makes it much more likely that the hostile entity will simply select a different and less secured target as it follows its hostile planning process.

Surveillance Deterrence

Surveillance deterrence takes all of what was detailed in the above section, and adds another layer that provides the appearance of an active attempt to expose surveillance. This does not actually mean that all security personnel must be trained in surveillance detection, it’s enough that it appears that way in order to make it much harder/less desirable for a hostile surveillance operative to conduct surveillance on the target.

Surveillance deterrence can be achieved by combining a number of actions that will be viewed unfavorably by hostile surveillance operatives. Perhaps the most basic of these is an active projection of visual control over the area around the target, along with an attempt to detect and acknowledge any person spending any time in the area, or even just passing through it, regardless of whether or not they seem suspicious.

It’s important that a particularly large amount of attention be paid to the vantage points around the target. These vantage points can be located, assessed and plotted out by a surveillance detection professional, performing a service called Surveillance Mapping.  after Surveillance Mapping is complete, conventional security officers – not even necessarily well trained ones (as is very very often the case) – can be instructed to pay close attention to these locations. These instructions should include random visits to these vantage points, performed as often as possible, along with casual acknowledgements and even polite verbal engagements of people who occupy them, whether or not they appear suspicious.

Keep in mind that a well trained surveillance operative would probably assume a vantage point only after having established a solid cover and cover story, making it unlikely that he/she will be exposed by a conventional security officer. Nevertheless, when even a skilled surveillance operative is observed, acknowledged and verbally engaged, security will immediately seem more deterring; raising the probability that the hostile entity will either abandon its plan or take it to a different target where it will not be detected, much less acknowledged and engaged by security.

Surveillance detection (SD)

Surveillance detection is the attempt to covertly determine if hostile surveillance is being conducted, and if so, to collect general information on the hostile surveillance entity (time, location, appearance, actions, and correlation to the target).

SD operations must be conducted in a covert manner – every bit as covert as hostile surveillance, if not more – because the person who is being detected is him/herself trained in covert methodology. For this reason, no connection between the SD operator and the target, or the target’s security force, should be apparent.

In order to detect the subtle indicators of hostile surveillance, SD operators must first be well versed in surveillance operations. Generally speaking, these indicators consist of various types of subtle correlations to the target, and possibly some subtle mistakes that might only be apparent to an SD operator who knows what to look for. It’s possible that the detection of these subtle indicators will take quite a bit of time, requiring a number of fully dedicated SD operators; which is one of the reasons why SD operations are so costly and rare.

Because of the costs that are associated with surveillance detection, SD is a measure that is usually employed for the purpose of pursuing a hostile surveillance entity, rather than simply deterring it, and one of the ways to pursue hostile surveillance is with counter surveillance.

Counter surveillance (CS)

Counter surveillance is a follow-up measure that is taken only after hostile surveillance has been detected. CS basically turns the tables by conducting surveillance on the surveillance in order to collect as much detailed information on it. It must therefore be conducted in at least as covert a manner as SD, if not more so, since CS will probably need to observe, and possibly follow, hostile surveillance for even longer periods of time.

Counter surveillance, since it’s even riskier and more costly than SD, will usually be conducted for the sake of even more follow-up measures (discovering who the hostile surveillance entity works for, collection of evidence for litigation, investigation leading to arrest, etc.).

Now that we’ve covered the four basic strategies for dealing with hostile surveillance, let me make what I’m sure will be a contested claim, and inform anyone who is dedicated to conventional or even low profile security that surveillance detection and counter surveillance are not exactly open to you.

I hasten to add that this has nothing to do with skill or experience, and everything to do with the necessity to operate covertly. The strongest tool at the disposal of the conventional security officer – deterrence by appearance – is also the thing that disqualifies the officer from covert operations, if only because everyone knows who and where the officer is.

Let me make it very clear that in no way does this detract from the tremendous importance of conventional security; nor is it impossible for conventional security to detect hostile surveillance. There have, in fact, been numerous cases where this has happened, and we should keep in mind that not all hostile surveillance is conducted at such a high level.

Additionally, there is such a thing as SD-enabled security, which is a bit of a subcategory hybrid (which will be discussed in a later article). Nevertheless, it’s unwise to depend on exceptions and to only prepare for best case scenarios. It’s important to be honest about one’s operational and legal capabilities, and formulate realistic and dependable strategies that take this into account.

Thankfully, the first two strategies – attack deterrence and surveillance deterrence – are not only available to almost any security officer, they probably account for the vast majority of preventative interventions.

In the next article, I’ll discuss how almost any security officer can execute these strategies, and contribute to the prevention of hostile attacks.

Protection Circle_avater_due i Ikon

Learn more about this subject—and many others—in my master class on Hostile Activity Prevention
Utilizing Israeli know-how and delivered by me, Ami Toben, this online course teaches actionable, time-tested methods of prevention, detection and disruption of hostile attacks.

23 thoughts on “Strategies Against Hostile Surveillance

  1. This is a very educative piece on the subject of surveillance. I have no words to express my profound gratitude to Mr. Ami Toben for this incisive and educative project in our forum.

      1. The simplicity of your written language and mastery of subject area is commendable. You have helped me crack my trouble some masters project research

  2. I particularly like your comments on surveillance mapping. It is a tool that I provide individuals who might be targeted, but have no training and no protective detail. If they can at least know where to look for likely hostile surveillance, and subsequently provide me with info on what they see, it just might allow them to detect a build up to an attack. Well done, sir.

  3. Thank you, Glenn.
    It’s always good to meet a fellow “mapper”.
    I find that surveillance mapping, in addition to being important for security officers, is also important for security camera installers. Many people simply assume that installing CCTV cameras is enough, while never actually considering where the cameras are aimed, and for what reasons.

      1. Ami – You have a skill that you don’t find often – the ability to communicate in writing – and the willingness to share it. Not seen often in the business

  4. Ami:
    At the prresent time I am preparing a kidnapping and extortion investigations seminar with retired members of the Colombian National Police. It includes a short segment on prevention. If you dont mind i would like to mention some of your thoughts with them.

  5. Great article Ami. You blog about a lot things that have been on my “to do” list of blog posts and I learned a lot from your posts.

    I’ve been following your last few and they are well aligned with my blog also. I was wondering if you’d be interested in guest blog/cross posting on each other’s blogs?

    You can find my blog at We both benefit in terms of SEO and thought leadership.

    Let me know if you are interested?

    Either way, thanks and keep up the good work.


    Grady Emmons, MSc, CPP

  6. Hi Ami,

    greetings from the UK.

    Thank you. This is a well researched and informative article. It demonstrates an excellent understanding of the hostile planning process. Something that most security personnel either ignore or, lack a depth of understanding in. A colleague and I are in the process of trying to educate the UK security industry of the benefits of the use of SD and CS operatives (head and brick wall are two words that come to mind at the moment). I would be grateful if I could use elements of your article for future presentations.


    1. Thank you, Gary. It is much appreciated.
      Please make as much use as you’d like of as much content as you need. I’d be happy, and even honored, to help in any way I can.

Leave a Reply to Ami TobenCancel reply