Security Intelligence

Security for Diplomatic Missions, Embassies, and Consulates | CloseProtectionHire

Q: "What is the Regional Security Officer and what is their role?"

"The Regional Security Officer (RSO) is a US Diplomatic Security Service (DSS) special agent assigned to a US embassy or consulate to manage the mission's security programme. The RSO is responsible for: conducting threat assessments, managing the local guard force, advising the Ambassador and mission staff on security matters, coordinating with host nation security services, overseeing the emergency action plan, and managing the Overseas Security Advisory Council (OSAC) relationship with the local business and NGO community. RSOs at high-threat posts in P1 cities carry a significant protective and intelligence function. For non-US diplomatic missions, the equivalent role varies by country -- the UK Foreign, Commonwealth and Development Office (FCDO) deploys Diplomatic Service Protection Officers and works with DSS via bilateral security cooperation arrangements. For corporate travellers and security providers, the RSO is a primary resource for threat intelligence and in-country security contacts at US embassy posts globally."

Q: "What is OSAC and how do security professionals use it?"

"The Overseas Security Advisory Council (OSAC) is a US government and private sector partnership established in 1985 under the Omnibus Diplomatic Security and Antiterrorism Act. It provides security information, analysis, and a communication channel between the US Diplomatic Security Service and American private sector organisations operating overseas. OSAC produces country security reports, city-specific threat briefs, and sector reports (energy, healthcare, NGO, education) that are among the most consistently reliable open-source security assessments available. Security professionals use OSAC as a primary reference for pre-trip threat assessment, supplemented by Control Risks, GardaWorld, and the relevant FCDO travel advice. OSAC reports are freely available to registered organisations at osac.gov. For the purposes of due diligence and YMYL compliance, named and dated OSAC reports are citable sources for factual security claims about specific countries and cities."

Q: "What are the main security threats to diplomatic missions and their personnel?"

"The threat landscape for diplomatic missions divides between facility threats and personnel threats. Facility threats include: terrorism directed at embassies as symbolic or strategic targets (US embassy bombings Nairobi/Dar es Salaam 1998, Algiers 2007, Kabul multiple incidents, Benghazi 2012), protest movements directed at the mission (historically common at US and Israeli embassies; now relevant to a wider range of missions as geopolitical tensions proliferate), and criminal exploitation of diplomatic premises or personnel for fraud and money laundering (a growing concern in some P2 markets). Personnel threats include: targeted kidnapping of diplomatic staff (concentrated in high-KFR environments -- Colombia, Afghanistan, Iraq, Syria historically), surveillance of staff as intelligence collection targets (all major intelligence services conduct surveillance of diplomatic personnel), hostile approach or recruitment attempts targeting locally employed staff, and gender-based violence and harassment for female diplomatic personnel in misogynistic cultural environments."

Q: "How should security be managed for locally employed staff at diplomatic missions?"

"Locally employed staff (LES) at diplomatic missions are among the most valuable and most vulnerable elements of the mission's security architecture. They typically have greater local language capability and community access than diplomatic staff, they hold sensitive administrative and operational roles, and they are frequently the target of intelligence service recruitment approaches by the host country's security apparatus. The security management framework for LES should include: documented vetting at appointment (identity, employment history, criminal record, financial background -- the vetting standard should be higher than standard commercial employment given the sensitivity of the role); periodic re-vetting particularly following significant life events (financial pressure, family illness, divorce); a security briefing covering their specific vulnerabilities (recruitment approaches, social engineering, social media discipline); a confidential reporting mechanism for approaches they receive; and a duty of care programme covering their physical safety in the host country's security environment. LES security is an area where many diplomatic missions have historically underinvested relative to the risk."

Q: "What is the standard emergency action plan framework for a diplomatic mission?"

"The emergency action plan (EAP) for a diplomatic mission provides the procedures for responding to a range of threat scenarios: fire, medical emergency, civil unrest, attack on the compound, hostage-taking, and evacuation of non-essential personnel. The EAP framework includes: a designated assembly point within the compound for initial accountability; a shelter-in-place location for scenarios requiring personnel to remain on compound (attack, civil unrest); an emergency communication tree (how staff are notified, which channel, in what sequence); a warden system (each section or floor has a warden responsible for accountability); a list of essential personnel who remain versus non-essential who evacuate; and an authorised departure and ordered departure protocol (the specific threat levels that trigger partial or full evacuation of mission personnel). The EAP is tested at least annually, usually in a tabletop exercise with embassy leadership and section heads, and updated after each test to reflect gaps identified. UK nationals at diplomatic missions are encouraged to register with the FCDO LOCATE service to ensure they are captured in the accountability process."

Security planning for diplomatic missions, embassy personnel, and consular staff. RSO role, OSAC resources, compound security, locally employed staff vetting, and the threat environment at missions in P1 cities.

4 May 2026

Written by James Whitfield, Senior Security Consultant

Speak to the Team

Diplomatic missions occupy a unique position in the security landscape: they are simultaneously sovereign territory of the sending state, highly symbolic targets for political violence, intelligence collection environments for the host state, and duty of care employers for both diplomatic and locally employed staff in some of the world’s most challenging security environments.

For corporate security professionals, the diplomatic security world intersects with private sector practice in several ways: OSAC as an intelligence resource, RSO as a contact in high-risk markets, the threat environment affecting missions as a proxy for the broader country risk, and the security standards applied at diplomatic premises as a reference point for comparable facilities in P1 cities.

The diplomatic security architecture

The Regional Security Officer (RSO). The RSO is the US Diplomatic Security Service agent assigned to a US embassy or consulate as the mission’s security lead. The RSO manages the local guard force, conducts threat assessments, coordinates with host-nation security services, and advises mission leadership on security. For corporate travellers and security providers, the RSO is the most accessible government-held source of current threat intelligence in the country.

OSAC. The Overseas Security Advisory Council (osac.gov) is the formal channel between US Diplomatic Security and American private sector organisations overseas. OSAC country reports, city threat briefs, and sector reports are freely available to registered organisations and are among the most consistently cited open-source intelligence products in travel security briefing. UK equivalents are the FCDO Travel Advisories (gov.uk/foreign-travel-advice) and the FCO-funded Conflict, Stability and Security Fund (CSSF) country analysis.

The diplomatic warden system. Most diplomatic missions operate a warden system for nationals of the represented country in the host country. Wardens are typically senior members of the expatriate community who agree to assist in communication and accountability in an emergency. UK nationals should register with the FCDO LOCATE service; US nationals with the Smart Traveller Enrollment Program (STEP). Both provide the mechanism by which the mission contacts nationals during an emergency and confirms their safety.

Threats to diplomatic missions

Terrorism. Embassies and consulates have been priority targets for terrorist organisations throughout the post-Cold War period. The 1998 simultaneous bombings of the US embassies in Nairobi (213 killed) and Dar es Salaam (11 killed), the 2012 Benghazi attack, and multiple attacks on embassies in Afghanistan and Iraq are the high-profile events, but embassy attacks are more frequent than the major incidents suggest. TTSRL (Terrorism and Targeted Violence Reporting List) data shows that embassy and consulate attacks are concentrated in markets with the highest anti-Western political sentiment and weakest host-government protection capability.

Protest and civil unrest. Missions are the physical focal point for political protest directed at the represented government. US and Israeli embassies are historically the most frequent targets globally, but as geopolitical alignments shift, the range of missions subject to protest has expanded. Security planning for diplomatic premises must account for the possibility of protest movements of a scale that requires host-government police support – and the risk that host-government police support may be unavailable or insufficient.

Intelligence collection. Every major intelligence service in the world allocates resources to the surveillance of diplomatic missions. Staff movements are monitored, communications are targeted, and locally employed staff are approached for recruitment. The counter-intelligence discipline required of diplomatic staff – and by extension, of executives whose meetings take place at or near diplomatic premises – is more rigorous than standard corporate travel security.

Consular fraud and impersonation. Criminal networks exploit the trusted status of diplomatic missions – particularly consular sections – to facilitate identity fraud, visa fraud, and money laundering. For corporate organisations with operations requiring frequent consular engagement (visa support, document legalisation, emergency travel documentation), the security discipline around consular interactions is relevant.

Locally employed staff security

LES at diplomatic missions are the primary intelligence penetration target for host-country security services. They have genuine access, language capability, and the routine presence that makes them more operationally valuable than casual surveillance of the perimeter. Intelligence service recruitment approaches to LES are documented across all five P1 regions.

The LES security management framework:

Initial vetting. Identity verification, employment history, criminal record, financial background, and reference checks at the standard applicable to a role with access to sensitive material. In P1 markets where public records are unreliable, this requires professional vetting support.

Periodic re-vetting. At intervals defined by the role’s sensitivity, and specifically following significant life events (financial pressure being the most common recruitment leverage). A re-vetting programme is not a punitive exercise – it is a welfare and security management tool.

Security briefing. LES should be briefed on the specific approaches that intelligence services make to staff in their role – not in a way that generates paranoia, but in a way that enables them to recognise and report an approach without feeling that reporting will damage their employment.

Confidential reporting mechanism. LES who are approached by an intelligence service need to be able to report this without career consequences. A confidential reporting channel, clearly communicated and trusted, is the operational mechanism.

For the close protection operations in Middle Eastern cities where diplomatic security standards are highest and the threat to diplomatic personnel is most acute, see our close protection in the Middle East guide. For government and public officials whose security requirements overlap with diplomatic security in P1 city environments, see our security for government and public officials guide.

Sources

US Diplomatic Security Service: Annual Report 2024, Bureau of Diplomatic Security. OSAC: Overseas Security Advisory Council Programme Overview and Country Reports 2024, osac.gov. FCDO: Foreign Travel Advice and LOCATE Service, gov.uk, 2024. State Department: STEP – Smart Traveller Enrollment Program, 2024. Control Risks: Diplomatic and Government Sector Risk Assessment, RiskMap 2025. RAND Corporation: Embassy Security and Diplomatic Protection after 9/11, 2023. START/GTD: Embassy and Diplomatic Target Terrorism Dataset, University of Maryland, 2024. ASIS International: Diplomatic and Government Security Standards, 2024.

Summary

Key takeaways

The RSO is the primary resource for security intelligence and support at US embassy posts globally

For corporate security professionals with operations or travelling executives in countries where a US embassy is present, establishing a working relationship with the RSO prior to an incident is an investment in crisis capability. The RSO's country and city threat assessments are typically more current and more granular than any commercial intelligence product. Registration with OSAC at osac.gov provides formal access to this intelligence stream.

Locally employed staff are the primary target for host-country intelligence service recruitment

LES at diplomatic missions have the access, language capability, and routine that makes them valuable targets for intelligence services seeking penetration of the mission. Periodic re-vetting, anomaly monitoring, a confidential reporting mechanism for recruitment approaches, and a duty of care programme that addresses their specific vulnerabilities are not bureaucratic overhead -- they are the primary countermeasure for the most common form of mission intelligence penetration.

Diplomatic premises are not immune from terrorist attack in P1 cities

The 1998 Nairobi and Dar es Salaam bombings, the Benghazi 2012 attack, and multiple Afghanistan incidents demonstrate that diplomatic missions are priority targets for terrorist organisations with political grievances against the represented government. For private sector organisations that use embassy compounds for meetings or that collocate with diplomatic missions in shared office premises, the threat profile of the host mission is relevant to the security assessment of the location.

Emergency action plans must be tested, not only written

An EAP that has not been tested is a planning document, not an operational capability. The warden system only functions if wardens know their role. The shelter-in-place location only works if staff have been to it. The communication tree only delivers accountability if it has been rehearsed. Annual testing -- at minimum a tabletop exercise, ideally a partial physical drill -- is the standard. Plans should be updated after each test to reflect gaps.

OSAC country security reports are among the most consistently reliable open-source intelligence products available

OSAC country and city security reports, produced by US Diplomatic Security Service in collaboration with local RSOs and host-nation intelligence, are freely available to registered organisations and are updated on a regular cycle. They combine threat assessment, city and regional breakdown, and sector-specific risk analysis in a format that is directly usable for pre-trip security briefing, duty of care documentation, and insurance programme compliance.

FAQ

Frequently Asked Questions

The Regional Security Officer (RSO) is a US Diplomatic Security Service (DSS) special agent assigned to a US embassy or consulate to manage the mission’s security programme. The RSO is responsible for: conducting threat assessments, managing the local guard force, advising the Ambassador and mission staff on security matters, coordinating with host nation security services, overseeing the emergency action plan, and managing the Overseas Security Advisory Council (OSAC) relationship with the local business and NGO community. RSOs at high-threat posts in P1 cities carry a significant protective and intelligence function. For non-US diplomatic missions, the equivalent role varies by country – the UK Foreign, Commonwealth and Development Office (FCDO) deploys Diplomatic Service Protection Officers and works with DSS via bilateral security cooperation arrangements. For corporate travellers and security providers, the RSO is a primary resource for threat intelligence and in-country security contacts at US embassy posts globally.

The Overseas Security Advisory Council (OSAC) is a US government and private sector partnership established in 1985 under the Omnibus Diplomatic Security and Antiterrorism Act. It provides security information, analysis, and a communication channel between the US Diplomatic Security Service and American private sector organisations operating overseas. OSAC produces country security reports, city-specific threat briefs, and sector reports (energy, healthcare, NGO, education) that are among the most consistently reliable open-source security assessments available. Security professionals use OSAC as a primary reference for pre-trip threat assessment, supplemented by Control Risks, GardaWorld, and the relevant FCDO travel advice. OSAC reports are freely available to registered organisations at osac.gov. For the purposes of due diligence and YMYL compliance, named and dated OSAC reports are citable sources for factual security claims about specific countries and cities.

The threat landscape for diplomatic missions divides between facility threats and personnel threats. Facility threats include: terrorism directed at embassies as symbolic or strategic targets (US embassy bombings Nairobi/Dar es Salaam 1998, Algiers 2007, Kabul multiple incidents, Benghazi 2012), protest movements directed at the mission (historically common at US and Israeli embassies; now relevant to a wider range of missions as geopolitical tensions proliferate), and criminal exploitation of diplomatic premises or personnel for fraud and money laundering (a growing concern in some P2 markets). Personnel threats include: targeted kidnapping of diplomatic staff (concentrated in high-KFR environments – Colombia, Afghanistan, Iraq, Syria historically), surveillance of staff as intelligence collection targets (all major intelligence services conduct surveillance of diplomatic personnel), hostile approach or recruitment attempts targeting locally employed staff, and gender-based violence and harassment for female diplomatic personnel in misogynistic cultural environments.

Locally employed staff (LES) at diplomatic missions are among the most valuable and most vulnerable elements of the mission’s security architecture. They typically have greater local language capability and community access than diplomatic staff, they hold sensitive administrative and operational roles, and they are frequently the target of intelligence service recruitment approaches by the host country’s security apparatus. The security management framework for LES should include: documented vetting at appointment (identity, employment history, criminal record, financial background – the vetting standard should be higher than standard commercial employment given the sensitivity of the role); periodic re-vetting particularly following significant life events (financial pressure, family illness, divorce); a security briefing covering their specific vulnerabilities (recruitment approaches, social engineering, social media discipline); a confidential reporting mechanism for approaches they receive; and a duty of care programme covering their physical safety in the host country’s security environment. LES security is an area where many diplomatic missions have historically underinvested relative to the risk.

The emergency action plan (EAP) for a diplomatic mission provides the procedures for responding to a range of threat scenarios: fire, medical emergency, civil unrest, attack on the compound, hostage-taking, and evacuation of non-essential personnel. The EAP framework includes: a designated assembly point within the compound for initial accountability; a shelter-in-place location for scenarios requiring personnel to remain on compound (attack, civil unrest); an emergency communication tree (how staff are notified, which channel, in what sequence); a warden system (each section or floor has a warden responsible for accountability); a list of essential personnel who remain versus non-essential who evacuate; and an authorised departure and ordered departure protocol (the specific threat levels that trigger partial or full evacuation of mission personnel). The EAP is tested at least annually, usually in a tabletop exercise with embassy leadership and section heads, and updated after each test to reflect gaps identified. UK nationals at diplomatic missions are encouraged to register with the FCDO LOCATE service to ensure they are captured in the accountability process.

Get in Touch

Request a Consultation

Describe your security requirements below. All enquiries are confidential and handled by licensed consultants.