Study Finds Increase in Cybersecurity and Physical Security Attacks Against Executives

In the art of protective and tactical intelligence, trends and analytics matter. Information and intelligence feed “living” threat assessments and should drive your cybersecurity and physical security strategy, coverages, and resources. Protection resources cannot be logically allocated to protect executives and companies without first understanding the holistic threat landscape.

In the executive protection security space, it’s also critically important to understand what threats are being “dragged” or brought to your company or the venue by others. For example, your Chief Executive Officer (CEO) may not be a target at this moment in time, but others attending your event may be.

The Center for Protective Intelligence recently received a study conducted by a Fortune 50 technology company that provides insight into historical attacks on corporate business leaders and corporate security trends within these incidents to increase Protective Intelligence and Operations (PIO) analysts’ situational awareness. These findings can help teams gain a better understanding of the current threat landscape to executives and the changes in threats throughout the past 18 years.

Between 2003 and 2021, there were a total of 206 physical and cyber-attacks directed towards executives. Here are a few of the data points I found most interesting: 

Demographics

• 69% of the targets were CEOs and at least 1/3 of these attacks did not have executive protection personnel present at the time of the attack.
• Executives in the tech, financial and entertainment industries account for 50% of the attacks (followed by energy, retail and healthcare.) 
• The most common cities in the U.S. where executives were targeted were San Francisco, New York City, Dallas, Washington, D.C., and Los Angeles. Austin had zero which is surprising, considering the large presence of tech companies and CEOs. Furthermore, over half (57%) of attacks took place in the executive’s city of residence. When comparing incident settings, almost half (44%) of the attacks took place at an executive’s primary residence and 41% occurred in a public setting. These points dictate that residential security services for the executive matters and so does cyber and physical protection at public events.

Motive

• Interestingly, over half of all assailants had a financial or activism-related motive and another common theme of protests was anti-billionaire sentiment. This is solid data to know since many executive protection services and private security teams protect high net worth individuals and their families.
• To hammer this point home, 73% of protests occurred at the executive’s home. This is very scary to watch if you are the executive or family targeted, in that the personal risk based on your job and position makes close protection essential for peace of mind.

Physical Security vs Cybersecurity

• Cyber incidents included CEO impersonation, business email compromise, cyberstalking, emailed death threats, social media account and phone hacks, and online terrorist propaganda. This is a signal for the ongoing need for the convergence of physical security and cybersecurity – most physical threats originate in cyberspace today. Therefore, you need to be looking for these threats to ensure proper executive cybersecurity protection.

Understanding your threat landscape is critical in our business because security resources and manpower should be threat-driven. Having sound data and trends helps fill intelligence gaps and create effective executive security solutions.  We hope that some of this data helps with your “living” threat assessments. At minimum, the trends and information should add to your overall situational awareness of the cybersecurity and physical security threat environment.

Want to dive deeper into these research findings? Download the full report: Executive Targeting: Analysis into the Protection of Corporate Business Leaders