Sustainable Executive Protection: How to Build the Right Program for Your Organization
Whether your leaders feel invincible or overly cautious, here’s how to build an executive protection strategy that aligns with real-world risk
If you’re tasked with overseeing executive protection (EP) in your organization, chances are one of these two mindsets sounds familiar:
- Your executives (and possibly the board) remain concerned after the high-profile murder of UnitedHealthcare’s CEO, Brian Thompson, and the rise of online “assassination culture.” They’re asking you for heightened security measures.
- Your executives sit on the other end of the spectrum, dismissing such events as rare anomalies. They feel untouchable, downplaying the need for additional precautions.
The right approach, of course, lies somewhere between overreacting and turning a blind eye. Thompson’s tragic death underscored a crucial reality for organizations everywhere: threats exist (even when your executive isn’t particularly well known), and complacency can be catastrophic. However, not every executive is at the same level of risk. Your challenge is to strike a balance between unnecessary overreach and critical vulnerabilities.
Start with a baseline threat assessment
At the heart of any EP program is a thorough baseline threat assessment. This isn’t just a formality — it’s the foundation for a tailored protective strategy. The goal is to answer the million dollar question: What threats are actively targeting your executive or organization?
To establish this baseline, follow these key steps:
- Define the scope: Identify which executives, assets, or operations need assessment and monitoring.
- Examine historical data: Review any prior incidents, threats, or known adversaries affecting your organization.
- Conduct active threat hunting: Examine social media channels, fringe groups, and even the dark web for signals of emerging risks.
- Pinpoint persons of interest (POIs): Create a database to monitor individuals or entities that pose a potential threat.
- Analyze patterns: Identify trends, recurring threats, or new vulnerabilities.
- Assess vulnerabilities: Look for gaps in physical security, digital visibility, and travel routines.
- Document findings: Compile an actionable report to guide protective measures and resource allocation.
A robust baseline threat assessment clarifies whether the threats you’re facing are immediate, mild, or nonexistent. It’s your starting place to determine what level of protection is necessary and how to scale your program intelligently.
Anchor your program with protective intelligence (PI)
Protective intelligence should anchor modern EP programs. While many teams focus on staffing and logistics, the real game-changer lies in leveraging expertise and tools for threat intelligence. Unlike static threat assessments, PI helps you monitor and adapt to the dynamic threat environment in real time.
A great PI program helps you navigate the reality that most attacks arise from underlying issues — not from specific individuals. For example, a CEO associated with controversial topics like insurance reform may be targeted not for who they are, but for what they represent. By monitoring issue-driven threats, you can anticipate risks before they emerge.
Identify the right level of protection
Once your baseline threat assessment is complete and you have ongoing protective intelligence processes established, prioritize a scalable and sustainable approach that evolves with the threat landscape. Most organizations fall into one of three categories:
No immediate threats: If your assessment uncovers no active risks, avoid overspending or overstaffing your EP efforts. Focus on continuing to execute a strong PI program so you can activate resources if conditions change. Sustainable programs prevent complacency by maintaining readiness while avoiding overreach. Overreaching often leads to desensitization, where protective measures are shelved altogether (you may hear something like, “Nothing has happened, why do I need this?”), creating new vulnerabilities.
Some POIs, low to moderate risk: When POIs are present but no coordinated threats are detected, prioritize enhanced monitoring and occasional counter-surveillance. For example, sweeping areas near an executive’s home or reviewing public event logistics can add proactive layers without taxing resources. Balance visibility and efficiency to adapt as threats evolve.
High-level threats requiring full protection: Organizations facing constant targeting require comprehensive EP programs. This includes full-time advanced security efforts and integrated counter-surveillance teams along with real-time PI.
Continued conversations around security
Conversations with executives and stakeholders are often driven by emotion. Some leaders may resist security measures as overly restrictive (especially as more time passes from the Thompson murder), while others may be overly panicked. The best way to bridge these gaps is with objective data-driven insights. For example:
- Show the data: Present findings from the threat assessment to ground decisions in tangible evidence.
- Ask targeted questions: Discuss executives’ concerns, from family safety to privacy concerns, to shape a program that feels collaborative.
- Highlight scalability: Reinforce the flexibility of EP programs and tailor measures to their comfort level.
Educating protectees on their own behavior is also crucial. Many threats emerge because of actions or behaviors by the protectees themselves. Social media use and public comments (especially on controversial topics) create unnecessary exposure. Helping executives understand how to mitigate risks through smarter behavior is a core part of any successful EP strategy.
“If your organization has already ‘gone back to normal’ after the UHC murder, ask yourself: Is that return based on real threat intelligence and proactive threat hunting, or just cultural comfort? Security complacency is cyclical, and the more often you raise alarms without data, the faster leadership becomes desensitized. You need proof, not just instinct.”
— Fred Burton
Build a smarter, more connected program
Modern EP doesn’t rely on large teams to deliver effective protection. With the right Connected Intelligence platform, EP teams can centralize data, monitor threats, and act decisively without exhausting resources. A system that combines threat data, incident reports, and POI monitoring tools enhances efficiency and creates consistency across operations — from executive travel security to crisis responses.
Final thoughts
Right-sizing your executive protection program isn’t about overwhelming your organization with tight security or cutting corners where they’re needed most. It’s about balance and sustainability.
Focus on gathering actionable intelligence, building scalable solutions, and maintaining a proactive strategy. By aligning your program to today’s risks while preparing for tomorrow, you’ll create a trusted EP strategy that protects your leaders without unnecessary fearmongering.
