WASHINGTON, DC - 25 APRIL: U.S. Health and Human Services Secretary Robert F. Kennedy, Jr., (C) is taken out of the ballroom by security agents during a shooting incident at the annual White House Correspondents' Association Dinner at the Washington Hilton on 25 April 2026 in Washington, D.C. (Photo by Andrew Harnik/Getty Images)

Correspondents’ Dinner Attack Places Scrutiny on Semi-Public Venue Security

By Claire Meyer

27 April 2026

Can a working hotel also provide a secure meeting space? In most cases, absolutely. But a determined attacker can find gaps in those security plans, as witnessed in the attempted attack during this past weekend’s White House Correspondents’ Dinner.

What We Know

Just minutes into the annual dinner on 25 April—usually touted as a celebration of First Amendment protections for the press—a man charged past a U.S. Secret Service security checkpoint in the Washington Hilton lobby and attempted to gain access to the ballroom.

Shots were fired, allegedly by both law enforcement agents and the assailant. Secret Service agents tackled and apprehended the suspect, who was armed with a shotgun, a handgun, and multiple knives, according to a DC Police statement on social media. One Secret Service agent was shot in his protective vest during the struggle; he was not seriously injured.

U.S. President Donald Trump, Vice President JD Vance, and a number of Cabinet officials were in attendance. After the gunshots, Secret Service personnel rushed the president and vice president were rushed off the dais. Security details then escorted cabinet secretaries and other government officials out of the ballroom. Other event attendees hid under tables. Around 3,000 people were in the ballroom at the time.

About 30 minutes after the law enforcement action, hotel staffers told attendees to leave the ballroom. Shortly afterward, law enforcement requested that any remaining attendees leave the premises. Trump hosted a press conference at the White House later that evening, speaking of national unity and calling the assailant a “lone wolf.”

The suspect has been identified to press sources as Cole Allen, 31, of Torrance, California. Allen allegedly took a train from Los Angeles to Washington via Chicago (a multi-day, 70-plus hour journey), and he checked into the Hilton hotel a day or two before the event, according to U.S. Acting Attorney General Todd Blanche.

In a 1,000-word message sent to family members minutes before the attack, Allen described himself as a “Friendly Federal Assassin” and railed against recent U.S. government actions. He did not name Trump specifically, the Associated Press reported. Allen’s brother contacted police in Connecticut after receiving the message.

The message claimed Allen went to the Washington Hilton looking for members of the Trump administration to harm. The message cited outrage at recent governmental policies and sexual misconduct allegations, and offered religious justifications for his actions, The New York Times repor ted.

The note claimed that administration officials—except for FBI Director Kash Patel—were targets, Secret Service agents were “targets only if necessary,” and that hotel security, Capitol Police, National Guard, hotel employees, and guests are “not targets at all.” The message critiqued the security at the Washington Hilton, mocking what the writer described as lax precautions. The writing also included an extensive list of apologies to the suspect’s friends, students, and family.

U.S. federal prosecutors charged Allen on 27 April with one count of attempted assassination of the president of the United States, one charge of interstate transmission of a firearm and ammunition to commit a felony, and one charge of discharge of a firearm during a crime of violence. If convicted, he could face up to life in prison.

Jeanine Pirro, U.S. attorney for the District of Columbia, said in a press conference Monday afternoon that more charges against Allen could be forthcoming as the investigation continues.

Pirro added that in an email manifesto attributed to Allen, the suspect makes clear that his plan was to target administration officials, prioritizing his targets from the top down, and that he “would not hesitate” to get involved in an encounter with anyone who attempted to block his access to the president.

During the press conference, Blanche explained that investigators are continuing to assess forensic evidence to determine who was responsible for shooting the Secret Service agent, just one of five shots fired during the incident. Investigators have also collected devices from the suspect's home and hotel room to glean more information about his motive and preparation for the attack.

Both Blanche and Pirro praised the quick actions of law enforcement agents on Saturday evening for intercepting Allen, who had a 12-gauge pump action shotgun and a .38-caliber pistol in his possession, before he could enter the ballroom.

“That horrible act was stopped because of the courage and professionalism of law enforcement, the officers who responded without hesitation and did their jobs as they were trained to do,” Blanche said.

Allen is scheduled to appear in court again on 30 April to determine if he will be held in custody until his trial date.

Security Measures that Worked

On the one hand, the event’s security worked incredibly well. The Washington Hilton has hosted the Correspondents’ Dinner for nearly 60 years, and security teams—both public and private—are very familiar with how to run layered event security there.

The Hilton’s ballroom is on a lower level, so most guests entered from the ground floor and were screened and escorted down escalators to the ballroom after their tickets were checked. Cabinet secretaries and government officials were brought in a back entrance with their security details.

“Just past the screening, law enforcement officers were posted to make sure no one who should not proceed to the ballroom got through,” the Times reported. “Inside the ballroom, Secret Service counterassault teams were positioned to respond should something happen, according to a law enforcement official briefed on the plan who was not authorized to speak about it publicly. And some agents were dressed as waiters to blend in as they looked around the room.”

The assailant emerged near the hotel elevators and sprinted through one security checkpoint, reaching the stairs leading down to the dinner. Multiple officers rushed him within seconds, stopping him before he could reach the ballroom level.

Security at the event was layered, with outdoor perimeters, Secret Service security sweeps, and agents stationed at multiple key points. Once inside the hotel, dinner guests had their tickets checked at multiple points to gain access to the ballroom, they had to walk through a magnetometer, and their bags were inspected. After Trump was seated at the head table, no one else was permitted to enter the area. The Secret Service had created a special security perimeter for the head table and personal safety zone for Trump himself, USA Today repo rted.

White House Correspondents’ Association incoming president Jacqui Heinrich said there were multiple meetings between the White House, the Hilton, and the association to review security plans. In a statement to journalists, Hilton said that “the hotel was operating under stringent security protocols for the property as directed by the U.S. Secret Service, which led security for the event in coordination with a wide range of security teams.”

Security Lessons Learned

The Washington Hilton is a huge venue to secure; it's also a popular destination for travelers given its 1,107 rooms near prominent Washington, D.C., attractions. Journalists, political pundits, and other figures sharply criticized the lack of security screening for hotel guests and their luggage before the event. The Daily Beast’s executive editor, Hugh Dougherty, claimed he had been staying in the hotel room next to the alleged assailant. Dougherty noted that apart from the clerk checking his ID during hotel registration, no one had verified his identity while he traversed the hotel, and no one screened his luggage.

Jason Pack, a former FBI official, told The Wall Street Journal that the attacker “didn’t beat the security plan the night of the dinner. He beat it the day he made the reservation. They built that perimeter to stop an army. Turns out all he needed was a room key.”

But in most hospitality venues, that’s typical. Luggage is not screened for each guest, and your room access control card serves as an identifier once you check in. Security leaders are questioning, though, if traditional protocols at these venues are sufficient in today’s threat landscape.

“While the protective model for last night’s event proved effective, the key takeaway for future events is that enhancements should be expected at every level,” said Secret Service spokesman Anthony Guglielmi, as reported by the Journal. “We are actively focused on identifying the trigger for this incident and fully understanding the factors that led to it.”

The chaotic disruption spurred Trump to call for the completion of a new White House ballroom, which would be easeier to secure, with bulletproof windows and other standard White House security features, the Times reported. Construction on the ballroom has been stalled by a number of legal setbacks.

However, hosting high-value events at hotels and other public venues remains feasible, but only through thorough preparation, says Chuck Randolph, senior vice president of strategic intelligence and strategy at 360 Privacy. Previously, Randolph held critical executive protection and risk intelligence roles within private corporations such as Microsoft and AT-RISK International, which included mitigating risk at major events.

“The key is treating each high-profile event as its own distinct security problem,” Randolph tells Security Management. “It begins with a rigorous risk assessment that drives everything downstream—layered security, progressive access controls, and blended law enforcement integration. Equally critical is protective intelligence: understanding the threat environment before the event, not discovering it during one. And none of it functions without genuine coordination among all stakeholders (hotel security, event security, law enforcement, and executive protection) operating from a true common operating picture.

“When those elements are present, hosting hotel guests alongside a high-profile event is not a contradiction,” he continues. “When they’re fragmented or treated as an afterthought, even the most resourced venue becomes exposed.”

The threshhold question is never simply, “can we secure this event,” Randolph adds. “It is ‘can we secure this event here, with these resources, against this threat profile.’ That conversation must happen openly and honestly between security leadership, event planners, and hotel management before a contract is signed. The outcome may be ‘yes, and here is what that requires,’ but it must be grounded in a realistic assessment of what the venue demands and what resources are genuinely committed to meeting it.”

When it comes to hotels, these hospitality centers carry dual responsibilities: They must maintain general guests’ safety and high-profile events’ security requirements.

“Those two obligations are not in conflict, but they must be deliberately managed in parallel,” Randolph says.

Guests checking in during a major event should expect an elevated security posture, and hotels should communicate about that expectation.

“The Washington Hilton incident is a stark reminder that a registered hotel guest can become a threat vector,” he adds. “That reality should inform how security teams think about the full population inside the building, not just those screened into the event.”

This is especially notable during today’s heightened threat environment, Randolph says, including increases in targeted violence.

“Targeted violence introduces intent, planning, and patience…none of which traditional screening alone reliably stops,” Randolph explains. “This incident is instructive, as signals existed. The suspect’s family raised concerns to law enforcement before the attack. That those warnings didn't reach the right people in time reflects one of security's most persistent failures: We are not suffering from a shortage of data—we are suffering from a shortage of connection.”

While open-source intelligence, behavioral indicators, and personal observations from close connections can signal potential threats, the challenge is connecting those dots as signals of potential violence in time, he adds.

“Vulnerability assessments are equally non-negotiable, and their scope must extend beyond security to encompass safety,” Randolph explains. “A thorough site survey identifies not just external avenues of approach but internal ones. In this case, a registered hotel guest used knowledge of the building's layout to bypass monitored areas entirely—a venue-specific vulnerability that rigorous assessment should surface and a layered security plan should close.

“High-profile events will always carry elevated risk, particularly when attendance is publicly known in advance,” he continues. “The answer is not to avoid them; it is to plan for them with the discipline and resources the threat profile demands.”

Editor's Note: This article was updated at 4:15 p.m. ET on 27 April to include information about the charges against Allen. Additional reporting by Megan Gates, senior editor at Security Management.

Interested in learning more about executive protection principles? ASIS International members can access the eBook version of the Executive Protection Standard for free.

Read more from Security Management about political violence, targeted attacks, and event security in these articles: