The targeted killing of United Healthcare CEO Brian Thompson serves as a stark reminder that all enterprises and high-profile individuals, whether private sector or governmental, can find themselves in a heightened threat environment with little apparent warning.
Any public figure — whether chief executive or board member of a major corporation, partner of an international law firm or elected official — can be targeted for myriad reasons. Often the motive is personal retribution by those who feel aggrieved by official actions taken by those figures: investments of the corporation or policies that have impacted their customers, clients that law firms have chosen to represent, or stances the politician has taken. The Internet — and more specifically social media — has intensified the threat environment, providing a venue to air these grievances, as well as being a source of personal information like home addresses, social activities, and even friends and relatives of high-profile individuals, which are used to personalize intimidation tactics by threat actors.
The massive support for Thompson’s alleged killer on social media further illustrates the potential dangers.
It is vital that organizations commit their own resources to develop a comprehensive internal security capability for the protection of their physical assets, reputations and people. Such programs must consider the ever-evolving nature of threats and the increased sophistication of actors, and they must have the ability to identify vulnerabilities, assess the viability of identified threats, and deploy investigative and security assets to ensure the safety of those being threatened.
Some 58% of senior executives at companies with more than 5,000 employees said their CEO received physical threats after taking a position on a racial or political issue, according to a 2022 study. Also in 2022, in the United States, more than 14,000 direct threats or “concerning statements” were directed at members of Congress, judges and federal prosecutors. Having had direct responsibility for investigating this latter category during my time as special agent in charge of the FBI’s Washington Field Office, I can speak firsthand to the volume of individuals who feel entitled to threaten bodily harm — or worse — toward those with whom they simply do not agree.
The good news is that cooperation between law enforcement and the private sector to safeguard these targets has never been closer. Intelligence and threat information are regularly shared in each direction to assist in our joint mission of keeping people safe. As a member of several vetted law enforcement partner groups, I receive an invaluable flow of up-to-date threat reporting. But while law enforcement can provide tactical information to incorporate into threat-mitigation plans, in almost every case, they cannot provide the officers or agents to execute these plans and do not have resources to dedicate exclusively to any given corporation or individual. Corporate and individual security programs need to establish a solid relationship with law enforcement as a component of overall security strategy and also develop their own independent program to cover the gaps.
The best security programs are built on a solid foundation of relevant data. Internally, that may include up-to-date inventories of corporate assets and accurate calendars of planned public-facing events and executive travel. Externally, it may require robust online monitoring components that actively track evolving conversations about a company and its executives across mainstream and alternative social media platforms, blogs and messaging sites, and online content repositories in the deep web and dark web to identify any emerging threats. In retrospective examinations of prior targeted incidents, it is not unusual to discover online comments, messaging and conversations that indicate a willingness to transition from disparaging speech to violent attacks. Corporate security programs must commit to persistent monitoring, which is tailored to trigger alerts when their people and assets are the subject of these postings. In addition to monitoring for targeting of personnel and assets, it is also critical that any security plans that are implemented safeguard venues and individuals during high-threat times such as public-facing events and also during routine workdays.
Threat actors — those who seek to physically harm public figures — today have an abundance of publicly available digital information that allows them to conduct pre-operational surveillance of their intended targets. Prior to publicly advertised events, information such as lists of speakers, time slots, hotel floorplans, and after-event get-togethers at which individuals may be appearing makes the job of a threat actor that much easier by drawing a straight line to the victim’s location at a particular moment in time. All this information adds to a mosaic that threat actors can capitalize on in formulating their plan of attack and their escape routes.
It is critical that public figures, particularly those who are the subject of credible threats, have their own security details. I frequently address the misconception that a venue will provide security details for a client who is speaking or attending a public event in their space. This is not the case. Individuals at risk must implement their own security measures. Similarly, if a venue is hosting a high-profile individual, it is not the case that the individual's security detail will support the needs of the venue and its assets. Venues and organizers of publicized events must provide a comprehensive security package to ensure the safety of those who attend.
Although last week’s killing of a corporate executive on a well-traveled street in New York City may seem to some to have brought us into a new chapter in corporate security, sadly it has not. The environment that provided the setting for this jarring tragedy has existed for quite some time. It is up to private security to use the tools available to them, along with comprehensive detection and mitigation plans, to ensure the safety of their people and assets.