Mapping the Threat Landscape: CEOs and Their Companies Face a Surge in Physical and Digital Threats

Threats—physical as well as digital—to CEOs, their employees, and their businesses in the United States have grown exponentially over the past few years, fueled by a combination of a deeply polarized society, divisive policies in response to the COVID-19 pandemic, and executives increasingly taking public positions on social issues.

A survey in May 2021 by the Ontic Center for Protective Intelligence of 300 senior executives, including chief security officers and chief technology officers at U.S. companies with more than 5,000 employees, found 58% said their CEO had received physical threats after taking a position on a racial and/or political issue. 

Global Guardian CEO Dale Buckner attributes this trend to a “strategic shift” in U.S. society.

“Our society now expects corporate headquarters to choose where they sit politically and it expects them to take action where the U.S. government has not” he said.

As a result, “corporate America, whether it is the NFL, Major League Baseball, or large financial institutions, is now taking sides politically,” he added.

This is unusual. “Thirty years ago, CEOs would never have spoken about vaccinations, expressed their opinions on climate change, or jumped into the political fray,” said Buckner. “Now they are because that’s what our society expects.”

But taking a position does not come without risk.

The GROWING THREAT

The threat landscape in the United States—and around the globe—has steadily expanded over the past five years; this is having a detrimental impact on business continuity. The threats to executives, their employees, and their companies have manifested as both physical and digital—at times crossing over. We are, today, in uncharted territory.

Global Guardian Vice President of Global Risk Services Mike McGarrity attributes the rise in threats to disagreements on political philosophy, but also on hot-button issues such as immigration, race, and economic equality. The case of a Florida man who mailed pipe bombs to prominent Democrats and media figures in the weeks before the 2018 congressional elections is just one example of the gravity of these threats. More recently, the January 6, 2021, insurrection at the U.S. Capitol building in Washington, DC, provided an ominous milestone in the upward threat trajectory—and in the days that followed, an increase in threats against corporations and their executives that took a stance.

In his past role as Assistant Director for Counterterrorism at the FBI, McGarrity helped mitigate the risk of terrorist attacks in the United States and against U.S. interests abroad. He says in the past 18 months, CEOs have found themselves the targets of people who have real or perceived grievances toward their policies.

“We have seen the threat transgress more specifically toward C-suite executives. Extremist groups have drawn a target on these executives regardless of whether or not they have taken a stance on policies,” McGarrity said.

McGarrity’s point is illustrated by the Ontic study, which found that while 58% of the respondents said their CEO had received physical threats for taking positions on racial and/or political issues, 40% said their CEO had received physical threats because they had not taken a position on racial and/or political issues.

McGarrity also attributes the increase in threats to executives to company policies related to the COVID-19 pandemic over the past year and a half: work from home/back to work policies, mask and vaccination mandates, and layoffs.

The Ontic study found that 56% of the respondents said their CEO had received physical threats as a result of encouraging vaccinations and mask use.

TRACKING THREATS

While C-suite executives are increasingly in the spotlight, their employees are not far behind. McGarrity has seen a rise in domestic violence as more employees work from home during the pandemic—which has caused corporate security leaders to rethink how their duty of care programs should extend to the home. Additionally, workplace violence has continued despite employees being out of the office, manifesting itself in the form of digital threats and at-home incidents.

One silver lining of the pandemic was the fact that there was a sharp decrease in mass shootings across the United States as workplaces and schools locked down to prevent the spread of COVID-19. However, now as offices and schools gradually reopen, active shooter incidents are picking up—for example, in Atlanta, Boulder, and San Jose. 

McGarrity, who expects this trend to continue, said the increase in active shooter incidents poses a threat not just to CEOs and executives, but also to the greater workforce of companies. In April, a 19-year-old gunman fatally shot eight people at a FedEx Ground facility in Indianapolis. The gunman was a former employee at the facility. 

In the Ontic survey, 75% of the respondents said physical threats will increase exponentially as workplaces begin to reopen and employees return to the office. McGarrity recommends companies train their personnel on threat indicators and response to workplace violence, including active shooters, before the workforce returns.

Threat actors typically air their grievances (and threats) toward an individual online—on the public internet or on extremist platforms on the dark web.

“It is almost a salad bar of ideologies on the dark web,” said McGarrity. “Someone with a grievance will go in and cherry-pick different ideologies to justify their grievance and the actions they are about to take.”

Outside the United States, the risk to Western businesses in countries like India, Mexico, and Nigeria has also grown. Criminal networks in these countries are starting to shift their tactics from targeting executives to extorting employees and their families. “We are seeing, certainly in Mexico, an increase in the last couple of years of the extortion threat against Western businesses which we had not seen to this degree before,” said McGarrity.

The Online Threat: When Your Personal Data Is Your Achilles’ Heel

While personal data may be scrubbed if it is on the open source, this is much harder to do when credentials are on the dark web, where they are typically used for nefarious purposes. And even if executives take great care to protect their personal data, criminals can still reach them by tracking down their immediate family members, McGarrity said.

Executives are most at risk when they are not at work—either at a public event where their presence is publicized or if they have a “pattern of life” and take the same route to work every day or while they are on vacation where they may let their guard down.

At public events, someone with a grievance can easily track their target and cause harm. On vacation, a family member could inadvertently disclose their location in a social media post.

“You have to assume your personally identifiable information is out there,” said McGarrity.

HOW CAN GLOBAL GUARDIAN HELP

As physical and digital threats toward CEOs are on the rise, it is good practice to be prepared for what lies around the corner. Every day, Global Guardian’s team of professionals, many of whom are drawn from the armed services and intelligence community, helps keep clients in the United States and around the world safe through bespoke security solutions. Global Guardian’s services include:

• Executive protection, including Discrete Agent Services, where plainclothes agents are placed on-site to mitigate threats and de-escalate potential violence
• Kidnap and ransom coverage that assists clients traveling in high-risk areas
• A global tracking and intelligence alert platform that monitors clients’ movements and provides support during an emergency
• Cyber security solutions, including baseline cyber security assessments and real-time network monitoring
• Workplace Safety and Violence Prevention E-Learning Course so your employees, whether in the office or at home, can learn how to recognize the signs and act when witnessing concerning behaviors 

These services are executed by teams located in more than 125 countries and coordinated by a 24/7 operations center. To learn more or request support, please complete the form below.