Today’s Executives Face Evolving Cyber ThreatsTo prevent executives from becoming exploited data access points for threat actors, sufficient protection must go beyond simply guarding against physical danger By: Chris Bullock
Is traditional executive protection enough in today's connected world? The short answer to this is "no." When they hear the term "executive protection," many people picture a muscle-bound bodyguard with dark shades walking behind a celebrity as the camera flashes go off and their fans scream for autographs. This could not be further from the truth. In fact, this is exactly the kind of protection that you do not want if you are a celebrity, high wealth or high notoriety individual. This kind of protection is single-threaded and utilizes mere physical intimidation and tactical fallacies which can leave their principal compromised. Real and effective executive protection is an intricate system of processes, techniques, and intelligence deployed to protect the well-being of the principal. Well-being and compromise are the key operating words to track as we examine executive protection from the cyber perspective.
Though physical well-being is paramount to executive protection, compromise can impact the principal in a variety of ways. When we discuss well-being and compromise in terms of true executive protection, we have to consider physical safety, reputational security, privacy and principal efficiency. This is why the second plane on which a principal's protection resides must be considered and can no longer be overlooked or neglected. This second plane of protection is the cyber plane or the principal's cyber executive protection.
Principals are not always celebrities. They may be high wealth individuals who lead profitable organizations or simply individuals with access to high value data. No matter if the principal is a celebrity, someone in an executive position, a CEO, COO or other corporate leader, their position and status make them appealing targets for both traditional- and cyber-criminals alike. Many times this position can bring their families into harm's way right alongside them. One could say that the executive protection tradecraft has been almost perfected from the physical security perspective, but much work is still needed in the often-overlooked cyber perspective.
Executives are More Digitally Connected than Ever Before
Today we are all connected to cyberspace through some device that we either own or use, and this is soften more common amongst principals and VIPs that are depended upon for their expertise in setting and managing the strategy for an organization and who must be available almost immediately when needed. These same principals often deploy Internet of Things (IoT) convenience devices in their homes. These can include home automation solutions that allow the manipulation of door locks, window shades, thermostats, and more via a smartphone. The principal can be compromised from the cyber perspective even easier than they are from the physical standpoint. Online criminals feel emboldened by the warm protection of anonymity and obfuscation available through cyber-criminal activity as opposed to physical criminal activity. The motives remain the same and a multitude of criminological theories can be applied to theorize why these actors do what they do; however, the top motives for attacking a principal are financial, revenge or activist related. Now more than ever, executive protection has to become part of business continuity and disaster recovery planning.
Cyber executive protection must be incorporated into all aspects of the traditional executive protection program to protect the principal, their close staff, and their organizations. This means the traditional executive protection threat assessments must start to comprehensively incorporate not only all of the traditional safety assessment considerations but now also include cyber threat intelligence, Open Source Intelligence (OSINT), cybersecurity, cybersecurity awareness, cyber incident response, and cyber victimology analysis. This will mean that more and more, the close protection team(s) assigned to the principal will need to collaborate frequently with the Chief Information Security Officer (CISO) and cybersecurity teams within the organization to ensure the principal is protected from 365 degrees. Executive protection agents are familiar with "working off the clock" when providing physical protection for their principals; they need to now consider that clock has turned into a digital clock requiring response both to physical threats at any clock position along with threats originating from cyberspace in the form of 1's and 0's.
Cyber Threats Don't Always Remain in Cyber Space
A threat that is in the form of 1's and 0's can easily become a threat that causes physical damage through the potential manipulation of the principal's home automation system, allowing a deviant into the home physically. That same cyber threat could result in the doxing of personal information, private photos or contacts being dispensed onto the darknet. Once their address is disclosed, it makes victims more vulnerable to an up-close, physical attack. It could result in irreparable reputational damage to an organization or psychological distress for the principal and their families. The risks, both digital and physical, are real, without a comprehensive protection strategy in place.
Executive Protection Programs Must Work for Everyone Involved
Two other considerations must also be taken into account for any executive protection program. Prior to deployment, it is critical to obtain buy-in from the principal to ensure that the program is tolerable and attractive and to maintain their ability to continue in their role uninterrupted, without fear. For a program to work effectively, the principal must be comfortable with it and feel it is manageable for both his personal life and his professional responsibilities. Without ensuring that alignment, the program will be unsustainable.
In today's technologically advanced and ever-changing society, executive protection must not only consider the physical components of a principal's comprehensive protection but also the cyber protection components. Traditional executive protection is a mature tradecraft from the physical perspective, but there is still quite a bit of work to do in order to add vital cybersecurity components. Cyber threat intelligence, Open Source Intelligence (OSINT), cybersecurity, cybersecurity awareness, cyber incident response and cyber victimology must be added to the holistic protection program of any principal. Cyber compromise can lead to dangerous physical compromise and close protection teams must leave that comfortable mindset of working in a vacuum to covertly protect their principal(s). Close protection teams must now begin to collaborate with cybersecurity professionals and CISO's at their organizations that have the special cyber protection skills to ensure the principal, their close staff, and their families are protected comprehensively.