The U.S. Department of Government Efficiency (DOGE), working under an executive order, physically took over the U.S. Institute of Peace (USIP) headquarters in Washington, D.C., in March 2025.

After escorting USIP leadership from the building, including then Chief Security Officer Colin O’Brien, DOGE basically dismantled the institute. It fired most of the staff, shut down its international and domestic operations, and transfered its assets.

Two months later, however, a U.S. district court judge ruled that what DOGE had done was illegal and ordered it to return all USIP assets. The news, released on Friday, 19 May, was a bit of a shock.

O’Brien, who had been fired, was on his way to the airport to fly to Cleveland, Ohio, for some security gig work that a contact had set him up with while he looked for a new job. He received the news in a brief text that simply said, “We won,” followed by another message with the four-page summary of Judge Beryl A. Howell’s opinion in USIP’s favor.

“I didn’t see that coming,” O’Brien admits. “Then my brain starts kicking in, so my next question, in the same breath, was, ‘Has the government asked for an emergency stay yet?’”

It hadn’t yet. So, USIP leadership ramped up its recovery plan to get back onto its headquarters site, control it, and be prepared for whatever came next. 

“We knew that there were a couple of people inside the building. We knew it wasn’t fully abandoned,” O’Brien says. “We started putting together a plan.”

Getting in the Door

During those two months before Howell’s ruling, O’Brien says that USIP President and CEO Ambassador George Moose continued to push the team to create a contingency plan in case the court ruled in USIP’s favor. Part of that plan would be carried out by O’Brien.

First up, O’Brien needed to hire a new contract security provider. USIP’s former contract security provider—Inter-Con Security— and the Metropolitan Police Department (MPD) had assisted DOGE with the takeover. Inter-Con Security did not return repeated requests for comment on this article.

O’Brien looked to a smaller company that hired retired police officers who were not previously MPD personnel. He wanted to work with retired law enforcement because he wanted a crew of security officers with decorum and de-escalation experience who could handle themselves well.

“After my recent experience with D.C. Metropolitan Police, I sadly do not have a lot of trust for the officers here,” O’Brien says. “Maybe it’s a leadership issue versus the individual [officers], but that left a mark.”

Second, USIP needed to create a plan to reenter the USIP headquarters site. It had a court order saying that the site belonged to USIP and that the federal government needed to relinquish it. But there was still a concern that the government might obstruct the reentry process.

Ultimately, the decision was made to have the security team go to the site on Monday, 21 May, with the court order, knock on the door, and see what happened. One of O’Brien’s senior team members, Theresa Durham, a former senior special victims unit detective with vast experience in handling delicate situations, took the lead. She was accompanied by the new armed contract security guards who, once inside, would be responsible for locking the building down from the inside and securing it.

When Durham and the new security officers arrived at USIP headquarters, they could tell by a car parked in the portico area that someone was inside. A special police officer walked outside, and Durham engaged him. The officer then suggested that Durham come inside to continue the discussion, and the USIP group agreed.

The special police officer called the General Services Administration, which had control of the building until that moment, to alert it to the situation, and then cleared out the limited gear he and another officer had there. There was no confrontation. 

“It comes down to hiring someone who knows when to take initiative,” says O’Brien, who was listening in on speakerphone during the interaction. “The opportunity was there to do this. To do it in a way that doesn’t make a gaudy scene. That does the right thing. [Durham] took it. That’s why you hire well.”

The building was now back in USIP’s control. O’Brien then called Moose, who was driving to headquarters, to share the good news.

“You could feel the smile through the phone,” O’Brien says. “How often can you say that?”

---

It comes down to hiring someone who knows when to take initiative.

---

The Assessment

Moose arrived on site and did an initial walk-through with the security team, with O’Brien arriving on-site later that evening after his brief trip to Cleveland.

The facilities had not been trashed, but O’Brien says there were signs of neglect. There was some damage—USIP flags and letters for signs were missing. Work materials that USIP staffers had left in their offices, however, appeared untouched.

“It felt like I walked into a zombie apocalypse movie in that the world disappeared—not a paper moved,” O’Brien says.

The next day, O’Brien did another walk-through with USIP’s head engineer. They discovered that the building’s water pump had been turned off, which could have been catastrophic if not addressed immediately, and that the hatch to the building’s roof to access a cooling tower had been damaged. Alarm panels had broken keys in them. Then, there were the IT issues.

DOGE had ordered all USIP employees to come in to turn in their laptops or mail the devices to the headquarters site. But DOGE wasn’t allowing mail deliveries when it had control of the site, so it’s unclear where that returned equipment ended up. The laptops that did arrive, however, were stacked haphazardly in a room, with no documentation concerning who had used them and what data they might retain.

DOGE was “trying to shut this place down, but they were doing it in a way where you couldn’t guarantee inventory,” O’Brien says.

The IT team went through USIP system by system to assess it and rebuild. Two weeks after getting in the door, USIP regained control of its own network and its website was back up—efforts that O’Brien says “put a pulse back into the place.”

While they were still working on getting the Wi-Fi working, the IT team made sure that hard Internet—using Ethernet—was an option for connection.

“It’s a Herculean task being done by a handful of people that are punching above their weight class,” O’Brien says of his IT colleagues. “This is like the old Nintendo reference of Little Mac versus Mike Tyson. There’s a whole bunch of Little Macs down there, and they’re beating the crap out of Mike Tyson.”

Meanwhile, O’Brien was figuring out how to secure three buildings at the headquarters site with extremely limited money and people. He framed the problem as: What do I need to make sure someone doesn’t get into the site who doesn’t have permission to be there?

First came figuring out how to lock the doors. The badge readers were not working, and O’Brien wasn’t sure who had mechanical keys to get into the buildings. So, the security team replaced the locking cylinders on all the exterior doors. Now they could control who could enter the site.

Next was assessing the surveillance camera system. O’Brien had to do a full reset, including changing passwords, to regain control of it.

“The priorities were to make the building safe—life safety and security, like the fire alarm and making sure it was functional,” O’Brien says.

Then O’Brien and the engineers began identifying repair issues. These included fixing the cooling tower and treating the building for pests. In addition, they identified minor fixes, such as repairing drywall damaged by water leaks.

“It was a very thoughtful process between an incredible engineering crew here and my team going ‘Here’s what we really need. Here’s how we’re going to do it.’ Then execute,” O’Brien says. “Also understanding that we don’t have a lot of money to do it with. We’re having to MacGyver the hell out of some things.”

The new guard force was on a short-term contract as USIP’s legal battle continues. While it’s been expensive, O’Brien says the cost was worth it to have professionals securing the building who also have strong de-escalation skills. Those skills were put to the test when the U.S. Department of Homeland Security sent personnel to the headquarters building who were unaware that USIP had retaken control.

“That was almost an issue, but because I had professional people here that knew how to act, it never escalated,” O’Brien says.

Crisis Management

During this two-week window, O’Brien worked continuously. But this is the new mode for crisis management, he says: dealing with an adversary that does not play by your traditional rule book and moves at lightning speed.

“How do you respond with the same speed with ingenuity? You can’t plan for what [DOGE] is doing,” O’Brien says. “It is very much seat of your pants in some cases. Framework, yes. Plan, no.”

This approach is reflected at USIP by improved communication channels to connect the right people at the right time. It’s also reflected by empowering people to make decisions, like Durham’s approach to getting back into USIP.

“It has taught me a new way to look at security,” O’Brien reflects.

The takeover has also changed O’Brien’s overall thinking about risk. Now, he says, it’s imperative for security executives to make risk evaluations based on the risk now, not the risk in the past.

“Long-time high-performing vendors, when the math changes, you need to make sure you’re reevaluating with that changed math—we didn’t,” he adds.

While this was a situation that involved the U.S. federal government, there are takeaways for security executives working in other settings, such as at an organization that is going through a hostile takeover or where a leadership dispute is playing out in the court system.

“A security professional in the middle needs to understand and needs to take the steps necessary to protect the organization until there is a judicial finding,” O’Brien says. “It definitely means challenging your assumptions to risk, and particularly your insider risk.”

There are also financial restraints to consider. USIP lost access to its funding during the DOGE takeover, so resources for the recovery were severely constrained—including for the security team. As a contingency measure, O’Brien says he began creating a succession plan that could allow for the elimination of the CSO role because having an executive-level security person on staff is a major cost.

“My goal was to work through the summer and build the program, so it was manageable and transition it to the level it needed to be run to give the organization the greatest chance of success,” O’Brien recalls.

Reevaluating Controls

Given the extreme breach of trust with USIP’s prior contract security provider, O’Brien says that he has seriously reevaluated its security controls.

Inter-Con Security had had a long-term contract with USIP. Its staff was familiar with the site and was competent. Those factors caused O’Brien to take a hands-off approach, including retaining the previous policy permitting the Inter-Con account manager, Kevin Simpson, to have a master key to USIP that he took home. That’s a policy that generally would not be allowed.

O’Brien says he knew this but rationalized it by looking at Simpson’s background—retired from senior levels of the uniformed division of the U.S. Secret Service.

“Because of his connection with the Secret Service and his ability to deal with VIP events, there was value in him having the access to that when we had to deal with stuff because he knew what he was doing from his career,” O’Brien says. “The flip side is that’s what got us. I will never give an account manager carte blanche access again in any capacity. They can have escorted access.

“And if it is someone of the genre or a type of a Kevin Simpson where they bring value for certain events, the key gets left at work,” O’Brien continues. “Your badge permissions are extremely narrow, unless I extend them.”

Simpson did not return a request for comment on this article.

Going forward, O’Brien anticipates that there will be increased vetting of USIP’s contractors to make sure they are meeting expectations and to reduce the risk of an insider threat.

“Maybe I need someone who’s only vested interest is me. What happened is [Inter-Con’s] biggest vested interest was not me,” says O’Brien, who is now skeptical of contracting with a company that has existing contracts with the U.S. federal government.

Additionally, the option in the future might be to not contract out and to bring more services in house.

“In some sense, contracts are convenient. They do all the work for you,” O’Brien says. “You pay a premium for it. Contracts are not always less expensive. Maybe I just bring it in-house and have the incredible staff I have manage the requirements, whether it’s armed, unarmed, or special police officer.

“Maybe I challenge if I need to be armed. Maybe I don’t. Maybe I do,” O’Brien continues. “We get to that point, but we’re really going to rethink our entire way of looking at something.”

Moving Forward

Towards the end of June 2025, USIP had made significant progress on getting back to business as usual. Program activities were underway, staff members were in the office, and the security team was able to continuously control the headquarters site.

O’Brien says he felt that USIP was in a better position security-wise than it was before the DOGE takeover in March. It had improved its key control system with procedures and implementation for physical and electronic key access and management, increased resilience in its IT systems, improved building lockdown processes, and a more robust insider threat mitigation posture.

“There was no doubt as to people’s loyalties,” O’Brien adds. “Now, compared to then…from an insider threat perspective we were much more confident in people doing the correct legal, moral, and ethical thing.”

---

I will never give an account manager carte blanche access again in any capacity.

---

That confidence was tested yet again on Friday, 27 June, when a U.S. federal appellate court panel of judges issued a stay of Howell’s ruling that returned physical control of USIP’s headquarters to the Trump administration and reinstated Nate Cavanaugh as acting president of USIP.

“None of us saw that ruling coming that day. It was somewhat soul crushing,” O’Brien adds.

Within a few hours a U.S. district attorney gave USIP the order to vacate the headquarters site. O’Brien instructed his team that when a DOGE representative came to headquarters, it was to turn over the physical and electronic keys and allow that individual to enter. He then made the difficult decision to render his resignation to a person he holds in the utmost regard: Moose.

Moose and O’Brien had been through a major experience together during the past several months, and O’Brien says moments like that teach you about the character of the people around you.

Moose’s “moral and ethical compass are beyond reproach,” O’Brien says, “and he’s demonstrated that he’s an exceptional leader. He cares about the people around him.”

Meanwhile, the GSA is controlling the USIP headquarters site and it’s unclear what will happen with the institute itself as the legal battle continues to play out. But George Foote, outside legal counsel for USIP who is representing its board members in the ongoing lawsuit, says that USIP is still in the game.

USIP filed a petition to ask the full appellate court—11 judges—to overrule the panel and vacate its stay. On 2 July, the appellate court issued an order that requires the U.S. government to respond to USIP’s petition by 11 July.

“This is not a lifting of the stay or even a signal of what the court will do, but the court could have let the panel ruling stand, which would mean a stay for a long time and bad news for USIP,” Foote explains via email. “Instead, it means the stay may be lifted pending appeal of Judge Howell’s ruling. The government has not even filed an appeal of her ruling yet.”

 

Megan Gates is senior editor at Security Management. Connect with her at [email protected] or on LinkedIn.

 

MOST POPULAR ARTICLES

1. What is Agentic AI?

2. Staffing Continues to Complicate K-12 Entrance Security

3. Risk vs. Reward: What Security Leaders Need to Know When Using Agentic AI