Article

What The Iranian Threat to American CEOs Means for Corporate EP Teams

Get an expert perspective on what the future may hold following the U.S. strikes in Iran and why EP teams can benefit from overabundance of caution

Since the U.S. strike on the Iranian nuclear development program, I’ve had many conversations with corporate security and executive protection teams on the potential of Iranian blowback in the targeting of American CEOs. It’s a topic of interest and a protective intelligence concern.  Let’s face it, Iran does have a long history of terror and has operated on U.S. soil in the past. 

In 1980, I was at the scene of an assassination of an Iranian exile in Bethesda, Maryland, in a scene straight out of James Grady’s “Six Days of the Condor.”  The killer was dressed as a mailman in a stolen USPS jeep to arrive at the victim’s house with a special delivery to shoot the victim, then fled in the Jeep from the crime scene.  We would soon learn that the assassin had fled to Tehran, where he remains to this day. 

Throughout the 80s and 90s, Iran was winning the terror war. We lived through major Iranian attacks on U.S. embassies in Beirut (twice) and Kuwait, the kidnappings of westerners, the killing of the CIA chief-of-station Bill Buckley, the kidnapping and murder of U.S. Marine Colonel Rich Higgins, the hijackings of passenger aircraft, the killing of a U.S. Navy diver, bombings in Argentina (again, twice) and Saudi Arabia, and the list goes on. For every attack we saw, the intelligence community threat streams were blinking red, and it seemed that the Iranian threat was everywhere. 

The 2020 targeted assassination of IRGC General Soleimani resulted in many first-term Trump-appointed officials being listed for retribution, a threat that needed to be taken seriously, based on Iran’s past actions. In 2022, Salman Rushdie, the author of “Satanic Verses,” was stabbed and almost killed at a public event in New York. He had been first threatened in 1989, after an Iranian fatwa had been placed on his head. Interestingly, we had the same editor at Random House, and I had been engaged in the protection of Mr. Rushdie many years before as a special agent. 

However, we are in a different place and time today, based upon the Israeli and U.S. counterterrorism actions and the elimination of key Iranian and Hezbollah leadership. 

In my assessment, the Israel Defense Forces (IDF) has killed every Hezbollah leader who could green light an operation on U.S. soil, along with many, if not most, of the IRGC leadership in Tehran. Many of the senior Iranian and Hezbollah officials killed by the IDF had been involved in the horrific terror attacks on American interests in years gone by, and the U.S. strike on Iran’s nuclear development program was a “shock and awe” operation that no doubt resonated throughout the intelligence services and political leadership inside Iran.  

Having said that, I do not doubt that the intelligence services inside and outside of Iran have contingency plans in place to surveil, strike, and have plotted some degree of revenge. This is what intelligence services do. But I’m also certain that most of the known Iranian intelligence operatives around the globe are being closely watched. So, the question becomes, does Iran have the operational capability with the approval of Tehran to strike on American soil?   Perhaps, but it will come at a cost if a smoking gun can be found leading back to the IRGC.  

What does this mean for corporate executive protection teams?

In the protection business, we live in the grey world of threats. I firmly believe that the classified threat streams are once again blinking red, because it’s the easiest way for the Iranians to jam up the collection systems without crossing any lines. History has also shown that Iran has surprised the West in the past. In most of the catastrophic attacks against U.S. interests that I have investigated and reviewed, we had no warning, nor observations of pre-operational surveillance, which had to take place as part of the attack cycle.

Thus, much like Mr. Rushdie and the IC, we never saw the threat actors coming until it was too late. So where does that leave protectors? Here are six steps to reinforce your protection efforts:

Stay extra vigilant

If your company has ties to intelligence, defense, or political issues, there’s a higher risk of targeting. Executives, especially those of Jewish heritage or with visible public profiles, face amplified exposure to harassment or harm.

To address this, heighten your executive protection posture now. Deploy advanced counter-surveillance protocols and prioritize actions based on risk, considering factors like public exposure and location. Proactively closing gaps reduces vulnerabilities before threats materialize.

Harness the power of 24/7 Protective Intelligence

Equip your team with protective intelligence platforms that monitor open-source channels (OSINT), the dark web, fringe platforms, and social media around the clock. These solutions allow you to dig deeper than surface chatter, alerting you to early signs of targeting or coordinated plans.

Configure systems to trigger automated alerts for red flags, such as threatening language, doxxing attempts, or harmful media coverage. Real-time notifications enable rapid response, minimizing the window of opportunity for bad actors.

Audit executive digital footprints

An executive’s digital presence (along with family) can be a goldmine for those with malicious intent. Regularly audit critical online touchpoints, including their social media profiles, public data, leaked credentials, and personal information. Find out what’s exposed, and secure anything that could be weaponized — like email addresses, details revealing family members, or unprotected LinkedIn activity. By minimizing the digital footprint, you reduce the potential for exploitation.

Reinforce event and on-site security

Public appearances and advertised events create heightened risk, but with the right preparation, you can neutralize many threats. Begin each event with a comprehensive threat assessment. Use intelligence from sources like local sentiment analysis and law enforcement insights to identify potential risks.

On the ground, reinforce your surveillance presence — overtly to deter offenders and covertly for real-time insight. Monitor protest activity, suspicious behavior, or shifts in public sentiment, using these findings to adapt contingency plans before threats escalate.

Build strong federal and local partnerships

Security doesn’t happen in isolation — it requires external collaboration. Strengthen ties with federal and local agencies, including the FBI, Joint Terrorism Task Forces (JTTFs), and DHS Fusion Centers. These partnerships offer actionable intelligence that keeps your team ahead of the curve.

Regular communication ensures you’re not just passively receiving information but actively integrating it into your protocols. As global tensions shift, being plugged into the broader intelligence community can make all the difference.

Keep executives briefed without alarm

Security briefings can be tricky. You need executives to take risks seriously without overwhelming them. Tailor your briefings to their specific roles, threat tolerance, and exposure. Focus on practicality — covering digital hygiene tips, how to stay situationally aware, and guidelines for safer travel.

Keep family members and assistants in the loop, too. Their proximity to executives makes them natural targets. Strengthening their awareness helps close potential gaps, leaving fewer vulnerabilities for adversaries to exploit.

As I’ve said in the past, you can’t find surveillance unless you are looking for it, because lone threat actors inspired or sympathetic to Iran or Gaza can lurk outside of the threat bubble, until they choose to strike.   

Learn More

Executive protection built for today’s threats

Fred Burton