• United States



by Ira Winkler

Security Lessons from Near-Death Experiences

Jan 20, 20069 mins
CSO and CISOIT LeadershipPhysical Security

As the saying goes, it's not the fall that kills you...Security guru Ira Winkler aptly illustrates how to soften the landing in any crisis.

I have to admit that I live a fairly exciting life. Part of that includes an above average number of near death experiences. They range from walking away from a high speed accident with a tractor-trailer to finding myself two feet from a wild leopard in South Africa. Maybe the secret of walking away from these experiences is that I never thought of them as being near death experiences. I just did what I thought I had to do, while other people who witnessed these things later told me that I was lucky to be alive.

One recent experience seems to best summarize things. I was SCUBA diving in Curacao during some fairly rough surf. The waves were running about 10 feet with some larger swells. While you are underwater, however, that really isn’t much of a problem, especially given that you are generally at least 30 feet down. But to exit the water, we had to go into a small protected cove along the rocks of a breakwater. Obviously the water was shallower near the entrance to the cove.

I was near the rocks, and a large swell sucked me up and I found myself on a small ledge on the breakwater, about three feet above the normal water line. Again, there were 10-foot waves pounding the rocks and now me. The large waves were coming in sets of four or five waves at a time, with about 30 seconds between them, and smaller waves (maybe only five feet) throughout that 30 seconds. I wish I were exaggerating.

The first thing I instinctively did was to grab onto a large rock and hug it tight. After all, the waves weren’t necessarily the problem. It was being thrown into the rocks that could hurt me. The edges of the rocks were very jagged, and I could feel one tear into the side of my thumb as I held onto the rocks as tight as I could.

When the larger waves temporarily subsided, I tried to crawl back into the water, but the smaller waves were still strong enough to almost take my mask off and rip the regulator out of my mouth. I kept remembering the basics that you learn in SCUBA classes; keep your mask on, keep the regulator in your mouth, breath deeply so you don’t panic. I grabbed onto the rocks again to prepare for the next wave of large waves to give myself time to think.

I was in a Catch 22 situation. The best solution was to drop my equipment, so I could climb to the top of the breakwater. If anything went wrong though, I would be in very violent water without my equipment.

By this time, the divemaster for the dive saw what was going on. He first tried to encourage me to get back into the water, and wouldn’t listen to me when I told him that I had tried it and it didn’t work. He then decided to come up onto the ledge I was on to help me in. After he realized why I didn’t want to try to get back into the water, I saw a small opening in the rocks.

I perform some volunteer work that involves diving in zero visibility, which means potentially getting tangled in unseen hazards and going through small openings, and I received training to make sure that I can do so safely. When I saw the opening in the rocks, and it seemed large enough that I could get through with all of my equipment, I decided that this was my best escape option. Ironically, I had to wait for the bigger waves to come so that the water was high enough for me to get to the opening.

I used the next set of waves to get me to the opening, and then the next big wave combined with my working to get through was enough to do it. At this point, I was in clam water inside the breakwater, and I started to take my equipment off so that I could climb up the rocks. By this time, someone came over along the top of the breakwater and helped the divemaster up, and got me and my equipment up as well.

When I got out of the water, I was really embarrassed and wanted to get out of there. Someone volunteered to take care of my equipment and told me that I had blood dripping from my hand. I just said I was going to clean myself up and walked away dejected.

Again at the time, I never thought my life was on the line. I just assessed my situation and continually made the best decisions I could given the information available. It wasn’t until later that I was told by people who observed the situation that they thought I would die. Maybe if I realized how dire the situation was, I would have panicked and I would have died. At the time though, I was only focused on what was the best thing to do at the time.

The first thing to consider is that I probably shouldn’t have gotten into the situation in the first place. I could have stayed further away from the breakwater, which would have allowed me to stay deeper and not be caught in the swell that sucked me up. From a typical security perspective, you generally find that the bad situations you are in result from human error. Even well trained people slip up, and when they slip up the results tend to be the worst.

Grabbing onto the rocks is not something they tell you to do in your normal open water SCUBA class. It’s not even something they tell you to do in divemaster class. However, I made the decision that the greatest risk I faced was being smashed into the rocks, and to protect myself, I needed to reduce that risk. When faced with a security incident, you have to decide what is the biggest source of potential damage. Frequently, it may not be anything you were trained for or have any background in, and you have to go with your gut. The more damaging the situation is, the more quickly you have to act.

Grabbing onto the rocks clearly caused me to tear my thumb open, but it was the best thing I could have done. The only other injuries I sustained were a few scrapes on my knees. The worst injuries were essentially self inflicted. The obvious analogy for security is that you sometimes have to draw some blood for the larger good.

At the same time, the embarrassment I suffered as a result of the situation was similar to the embarrassment organizations suffer when they are the victim of an incident. In hindsight, I should theoretically be proud of having the skill to walk away from the whole thing. The reality is that it is still somewhat embarrassing that I got into the situation in the first place. I still want to strongly recommend to companies that when you have negative events, use the events to your advantage and embrace what you did properly. In the worst case, you can use the incident as justification to implement stronger security measures.

This also brings up the issue of training and experience. While I may not have been trained for this particular type of situation, my experience and other training led to my gut instinct being correct. The more training and experience a person has, the more likely they will react better to unforeseen problems.

Additionally, more training and experience allowed me to choose the option of going through a relatively small opening in the rocks. Training and practical experience will allow security staffs to choose options that other people would not feel comfortable pursuing. This attests to the hiring of seasoned professionals, as well as investing in training.

The most important issue though is the importance of mental focus. During this incident, and my other near death experiences, I was constantly focused on what actions to take next. I wasn’t wasting brain cycles trying to decide how bad the situation was, which would have likely caused the situation to spiral downhill quickly. While it is important to realize that a situation deserves immediate attention, as long as you give the situation all required resources, the scope of the situation is irrelevant. When responding to critical situations, the focus has to be on maintaining life support, in my case keeping my equipment in place, and then to determine the best way to deal with the crisis. This is important in all security incidents.

There’s an old saying that goes, “It’s not the fall that kills you; it’s the landing.” While it may be intended as a joke, it is a very important distinction. The fall means that you are experiencing some crisis that could have disastrous results. Until you land, however, you can create ways to survive. You have to focus on softening or avoiding the landing. In most crisis situations, you have the time to make rational decisions and should do so accordingly. If you start contemplating the landing instead of focusing on the actions to take that are appropriate at the time, you will experience the worst.

Also consider that if you are falling off a cliff, wouldn’t it be great to have previously taken a skydiving course, and be wearing a parachute.

In the ideal world, I would have never got into the near-death situations I was in, and no organizations would ever have a security incident. That is not the real world. As another old saying goes, “A ship in port is perfectly safe, but that is not what ships were meant to do.” The more you put yourself out there, the more you will experience problems. You are not in control of what will happen, but you are in control of how well you prepare yourself and how you handle the problems. You just have to figure out what to do when you’re falling.