Wrong Place Wrong Time: Protective Intelligence While Working Overseas
- Understanding global protective intelligence risks is essential to understanding your overall global threat assessment.
- Knowing who may be “dragging” a threat to your meeting is critical.
- Nation-State intelligence services exist to steal secrets — even yours.
It’s no secret that the world is a dangerous place. Organizations with international operations and executives traveling abroad face a wide range of risks, from terror to weather to inadequate law enforcement resources. This is also a hard lesson I learned a long time ago while employed as a special agent with the Diplomatic Security Service looking into attacks on diplomats and businesspeople around the globe.
One of the first cases I looked into was the murder of a Black & Decker employee in Lyon, France. The employee was gunned down at his doorstep by a terrorist organization in April 1986. The LA Times reported that the murder was carried out in response to the U.S. raid on Libya. Later, in 1989, Alfred Herrhausen, a German banker and the chairman of Deutsche Bank was killed in a brilliant and sophisticated bombing operation by the Red Army Faction in Bad Homburg, Germany. (This is described in detail within the National Institute of Justice’s report on Terrorists Tactics and Security Practices.) We would study the Herrhausen attack for years as an example of the sophisticated targeting of a prominent business person.
Of course executives aren’t the only individuals targeted for assassination. In September 2020, Afghan Vice President Abdul Rashid Dostum survived an assassination attempt that targeted his motorcade in Kabul. Global News reported that the attack killed 10 and wounded over 30, including many bodyguards.
Consequences of Global Threats
Foreign policy actions, such as the targeted assassinations described above, have consequences. In some cases, those actions are directed towards Westerners who have become softer targets than their government counterparts in country. Why? As U.S. Government facilities and embassies have been hardened with physical security measures, the threat has been pushed into the private sector where security measures are typically much less stringent.
There are other less obvious factors that come into play that are worthy of discussion. For example, there can be significant risks involved in meetings with foreign government officials and executives. This is heightened in places that face a deteriorating security situation or those that would draw the attention of nation-state intelligence services.
Even if your protectee is not being directly targeted, there is a significant risk of being in the wrong place at the wrong time, or caught in the crossfire if someone close by is targeted.
Let’s be frank: a Western CEO or senior executive that meets with a foreign leader will cause the intelligence services of many countries to take notice, likely putting that executive into the crosshairs of several intelligence organizations. The same is likely true of meetings with many pivotal business leaders, especially those within industries that are critical to national security or economic competitiveness. Nation-state intelligence services exist to steal secrets, competitive intelligence, and any other nuggets that can be collected for a range of foreign policy, financial, and critical intelligence purposes.
Best Practices for Mitigating Threats Overseas
So, how do you mitigate these concerns? Here are a few best practices and lessons learned to consider:
- Evaluate Executive’s International Meetings and Attendee List — First, make sure you have access to the executive’s international schedule to determine where the meetings will occur and who will be attending. Consider what threats might be “dragged” into the meeting? For example, if you are meeting with a senior Mexican official or Russian oligarch, what threats could there be on that person’s life that you can anticipate? Are drug cartels or organized criminal groups likely to be interested in or involved with any of the attendees? Are foreign intelligence services likely to be interested in the meeting? All questions are on the table.
- Location–Specific Risks — Prior to departure, a threat assessment needs to be conducted to determine the likely risks for each location on the itinerary — these should include health, cyber, and intelligence risks such as hotel listening devices or drivers working in collusion with nation-state actors. In some countries, these problems are a given (e.g., China, Iran, and Russia) and are simply unavoidable.
- Advanced Notification to Overseas Partners — As part of the travel advance process, protection personnel should also reach out to OSAC and the respective U.S. Embassy Regional Security Officer for notification purposes. Where possible, you should also seek reliable local security advice about the best places to stay and for reputable local support, such as drivers, good hospitals, and any other local concerns that wouldn’t be immediately apparent, or that could arise specific to your executive’s itinerary.
- Use of Clean Devices for Travel — Consider the use of “burner” phones and clean laptops for executive travel. This is often easier said than done, as we very well know, but the issue should be raised, especially for high-risk travel or in companies facing a high-risk of corporate espionage. Once back in the home-office, those travel devices should be carefully scrubbed by your IT team to determine if any malicious activity occurred and to ensure nothing was left behind on the devices by a nation-state actor.
- Consistent Monitoring for all Devices — For the actual meetings, I have always found it best for the executive protection officer to secure the executive’s laptop and cell phone to reduce the chances of those electronic devices being compromised. Once those devices are left behind, let’s say in an adjacent room, you should assume that they have been compromised.
While it isn’t always possible to fully avoid all risks, executive protection professionals should be careful to consider these threats before they are faced with them in real time. Discussing these scenarios ensures that all parties are aware of the potential problems and consequences involved. Understanding the threat profile helps all parties to make the best decisions under the circumstances to keep executives and the company’s information safe.
If you’d like to dive deeper into how baseline threat assessments are foundational tools to identify threats as they relate to people, companies, entities, or facilities – both domestically or abroad – download our whitepaper on The Role of Baseline Threat Assessments in Protective Intelligence.