Recap of Security Leader Focus Group Discussion, hosted by effortlo
In the latest Security Leader Focus Group discussions hosted by effortlo on January 23 and January 29, 2025, security executives and industry experts convened to address one of today’s most urgent security concerns: Executive Protection (EP) and the increasing threats faced by corporate leaders.
The urgency of this discussion was underscored by the recent assassination of UnitedHealthcare CEO Brian Thompson, a wake-up call for corporate security teams worldwide. This tragic event exposed vulnerabilities in executive protection strategies and highlighted a disturbing shift in public sentiment, where violent acts against executives are sometimes rationalized or even praised.
The Growing Threat to Leaders is a Wake-Up Call for EP Programs
The December 4, 2024, assassination of UnitedHealthcare CEO Brian Thompson in midtown Manhattan shocked the corporate world. He was murdered in broad daylight while walking to an investor conference, proving that even well-resourced executives remain highly vulnerable in public spaces.
The alleged perpetrator, Luigi Mangione, an Ivy League graduate with no direct ties to UnitedHealthcare, was found in possession of:
A firearm matching the murder weapon
A fake ID
A notebook filled with anti-corporate rhetoric
But here’s the part that should concern every security leader—this wasn’t just an attack on one executive. It was a symptom of a larger issue.
Public Reaction and the Alarming Rise of Anti-Executive Sentiment
While Mangione is solely responsible for his actions, a significant portion of the public blames corporate greed and healthcare denials for the attack.
A NORC at the University of Chicago poll found that 70% of U.S. adults believe corporate profits and coverage denials played at least a moderate role in Thompson’s killing.
Younger Americans (18-29) were far more likely to blame insurance companies than Mangione himself. According to a recent poll, 41% of young voters say the killing was “acceptable”.
The case has triggered a rise in threats against high-profile executives, forcing corporations to reassess their security measures and risk assessments.
Executives aren’t just facing physical threats. They’re fighting public perception. This growing hostility toward corporate leadership presents an urgent challenge for security teams: How do companies protect executives in a world where they are increasingly viewed as targets?
The Executive “Playing Cards” and the Copycat Threat
A disturbing trend emerged in the weeks following the assassination: a set of digital "playing cards" featuring high-profile executives and their compensation packages began circulating online. Modeled after the infamous Iraq War deck of most-wanted targets, these cards showcased CEOs from various industries, their salaries, stock options, and controversial business decisions—all framed as symbols of corporate excess.
Security experts in the discussion warned that this gamification of executive targeting could inspire copycat attacks. Some social media communities and fringe groups used the cards to stoke resentment, further fueling anti-executive sentiment and encouraging harassment, doxxing, and real-world violence.
“Threats don’t always come in the form of direct messages or physical intimidation anymore. When executives are being turned into targets through viral content, that’s a real-world security risk.”
The Big Questions Security Leaders Need to Answer
A major point of discussion was how to convince executives to take EP seriously, as many downplay risks and see security measures as inconvenient or unnecessary.
The group tackled three big questions that every security team should be asking:
What are the non-negotiable elements of EP?
How do security leaders persuade executives to take threats seriously?
How do companies balance EP costs with effectiveness?
Here is a breakdown:
What Are the Non-Negotiable Elements of Executive Protection?
Security leaders aligned on several core EP measures that all organizations should implement, regardless of budget constraints or executive resistance.
Essential EP Measures Identified:
✔ Threat Intelligence & Social Media Monitoring
Continuous tracking of online sentiment regarding executives
Early warning detection of escalating threats
AI-driven monitoring to flag hostile narratives
✔ Secure Travel Protocols
Disrupting predictable movement patterns to prevent tracking by bad actors
Pre-vetting locations for public appearances (e.g., investor meetings, conferences)
Using vetted, professional drivers instead of ride-share services
✔ Crisis Response & Emergency Planning
Clear evacuation & emergency communication procedures
Redundant security measures (e.g., secondary exit routes, secure rooms)
Training key staff members on handling an executive crisis
✔ Defined Security Personnel Roles
Clearly delineating responsibilities in the event of a security incident
Integrating security personnel with executive assistants & C-suite leadership
“Executive protection is only effective if it’s layered. A single close protection officer or a reactive security detail isn’t enough—EP needs to be proactive, predictive and built into the fabric of an organization.” – Bruce McIndoe
How Do Security Leaders Convince Executives to Take Threats Seriously?
One of the biggest obstacles to executive protection isn’t the cost—it’s the executives themselves. Many leaders resist security measures because they see them as unnecessary, inconvenient, or an image problem. Some believe having close protection makes them look unapproachable, while others insist they don’t feel at risk.
Unfortunately, this mindset often only changes after a serious incident forces it to. The group discussed proven strategies for overcoming executive resistance and ensuring security is viewed as a business enabler rather than a burden.
Key Strategies for Overcoming Executive Resistance
Show them the data.
Executives don’t respond to hypotheticals—they respond to hard facts. Leaders are more likely to take action if a security team can back its recommendations with real-world intelligence, industry-specific data, and case studies.
Executives want evidence, not opinions. If they’re skeptical, show them threat reports, real-life incidents involving competitors, or even sentiment analysis from social media.
Use company-specific data. Show recent threats against the company or its leaders, online discussions mentioning executives by name, or security vulnerabilities that have already been exploited.
Illustrate financial impact. If security fails, what would be the cost in lawsuits, reputation damage, stock value loss, or operational downtime?
One security leader shared their approach:
“I don’t argue with my CEO anymore. I just show him the data—‘Here’s what’s being said about you online. Here’s how close a recent security breach came to affecting us.’ Once they see it in black and white, they get it.” – CSO Participant
Reframe Executive Protection as Business Continuity
One of the most effective ways to get leadership buy-in is to stop framing security as a personal issue and start presenting it as a business function. Security isn’t just about keeping an executive safe—it’s about keeping the company running.
Security failures impact business stability. If an executive is targeted, kidnapped, or harmed, it can destabilize leadership, disrupt operations, and create stock volatility.
EP enables, rather than restricts, executive mobility. Many executives resist security because they believe it will slow them down or complicate their lives. In reality, a well-designed security strategy allows executives to move more efficiently, safely, and productively.
Use productivity-based arguments. A great example from the discussion was the role of executive drivers.
The Value of an Executive Driver
Having a trained security driver doesn’t just increase safety—it also saves time.
Executives can work, take calls, or review materials instead of worrying about traffic.
It removes the unpredictability of rideshare apps, unfamiliar routes, or unreliable transport.
In some cases, security drivers can use restricted lanes or private exits, allowing executives to move faster, avoid crowds, and arrive on time.
“Security isn’t just about risk prevention—it’s about enabling executives to function at their highest level. A well-protected CEO is a more effective CEO.”
When security teams frame their role as a value-add to the business rather than just a cost, executives are much more likely to embrace it.
Leverage Peer Influence
Executives don’t always listen to security professionals—but they do listen to other executives. One of the most effective tactics discussed was connecting executives with peers who have survived real security incidents.
Hearing a firsthand account from a CEO who was targeted, attacked, or survived an assassination attempt makes threats feel real and personal rather than abstract risks.
One CSO in the group shared that their CEO only took security seriously after a peer told him about an attempted abduction. The experience changed his perspective immediately.
“Once executives hear directly from someone who’s been through a crisis, they understand that security isn’t paranoia—it’s preparation.” – CSO Participant
Security teams can also highlight examples of companies that suffered financially because they failed to protect key leaders. If executives understand that strong security isn’t just about personal safety—it’s about company survival—they’re far more likely to engage.
How Do Companies Balance EP Costs with Effectiveness?
Security budgets are tight, and companies don’t want to spend millions unless they have to. But cutting corners in EP can be a deadly mistake. So, how do you get the most out of your security budget?
✔ Investing in Intelligence
Real-time threat monitoring is more effective than full-time security details.
Social media sentiment tracking & risk analysis yield high ROI. If you know where threats are coming from, you can neutralize them before they become a crisis.
The data will help determine the need for close protection and other more expensive mitigation efforts.
✔ Enhancing Security with Technology
Geofencing alerts for executives entering high-risk areas
Discreet wearable security technology
AI-driven access control systems to keep bad actors out
✔ Scaling EP Based on Risk Level
Low-Risk Executives → Digital monitoring & basic travel security
Moderate-Risk Executives → Situational awareness training
High-Risk Executives → Full-time security detail, active monitoring
“We don’t treat executive protection as an individual expense. It’s a corporate asset that supports the entire organization. That shift in thinking helps justify the budget.” – CSO Participant
Where Does Executive Protection Begin and End?
Executive protection has traditionally focused on CEOs and high-ranking corporate leaders, but as threats evolve, so too must the scope of security programs. During the discussion, security professionals challenged the conventional thinking that only top executives require protection, pointing out that several other key personnel hold sensitive information, make critical business decisions, or interact with the public in ways that put them at risk.
The reality is that executives aren’t the only targets anymore. High-profile employees, administrative staff, and even third-party contractors can all be used as leverage points to harm a company’s leadership, steal sensitive information, or disrupt operations.
One security leader emphasized that threat actors don’t always go for the most obvious targets. Instead, they look for someone with significant status and access to key company secrets but without the same level of protection. A well-connected executive assistant, a CFO who makes difficult financial decisions, or a contractor handling sensitive data can be just as vulnerable as a CEO.
The group debated the growing need to expand EP coverage to include these high-risk, high-access individuals. While security resources may be finite, the cost of overlooking key personnel in an organization could be far greater.
Here’s who else should be considered for some level of executive protection:
Board Members & High-Profile Employees
Executives beyond the CEO—including CFOs, General Counsels, and Chief Medical Officers—are now prime targets due to their involvement in controversial decisions and public-facing roles.
Kidnapping, extortion, and threats against executive families are increasing, particularly in industries like healthcare, tech, and finance.
Executive Assistants & Key Staff with Sensitive Information
Executive assistants often have full access to calendars, emails, and confidential company plans—yet they rarely receive the same level of protection as the executives they support.
If compromised, either through coercion or cyber threats, they could unknowingly expose high-level security risks.
Remote & Hybrid Executives
Executives who work from home are often overlooked in security planning, but they remain visible targets online and can be easier to track.
Doxxing (the release of private information online) has become a significant threat, with home addresses, family details, and private phone numbers often exposed.
Third-Party Contractors & Gig Workers
Many companies outsource sensitive projects to external contractors, yet these individuals often lack proper security oversight.
A data breach or security gap from a vendor could be just as damaging as a direct attack on an executive.
The modern threat landscape demands a broader, more strategic approach—one that identifies and protects anyone who holds the keys to critical information, decisions, or leadership access.
“Executive protection isn’t just about the CEO. It’s about the people who have direct access to everything that makes them vulnerable.” – Participant Quote
Key Takeaways: If You’re Not Thinking About EP, Your Company is at Risk
If this discussion proved anything, it’s that executive protection isn’t just about the CEO anymore. The risks are evolving, and organizations must adapt before they’re forced to react.
Public perception is shifting—leaders are now seen as legitimate targets.
Executives are no longer just decision-makers; they’re public figures representing corporate policies. The assassination of Brian Thompson and the public response justifying it prove that leaders face growing hostility. If you’re not tracking public sentiment and emerging threats, you’re already exposed.
Security has to be proactive, not reactive.
Waiting for an incident to happen is a failing strategy. Companies need continuous threat monitoring, crisis planning, and real-time risk assessments to stay ahead of potential attacks. If your security plan only activates after a crisis, it’s too late.
Technology is a game-changer.
AI-driven security tools aren’t optional anymore. Companies that leverage AI-powered threat detection, geofencing alerts, and sentiment analysis will identify risks before they escalate. Those that don’t will be caught off guard.
Leadership must be involved.
Security teams can’t protect executives without buy-in from leadership. Presenting real data, case studies, and potential financial risks shifts the conversation from “personal security” to business continuity. If executives don’t take threats seriously, security teams will always be fighting an uphill battle.
Outside experts provide critical insight.
An independent review of EP strategies ensures organizations aren’t missing blind spots. A fresh, data-driven perspective can reveal vulnerabilities that internal teams overlook and strengthen executive security before it’s tested in a real-world crisis.
The bottom line.
The threats are real, and they’re increasing. The question isn’t if an incident will happen—it’s when. The companies that act now will be prepared. The ones that don’t will be forced to learn the hard way.
Benchmarking.
How does your approach to executive protection align with other companies? Get an assessment from independent, non-biased executive protection experts.
About The Security Leader Focus Group
The Security Leader Focus Group, is designed to host about 20-25 CSOs, Global Security Leaders, and SMEs alongside the effortlo Executive Resource Council. This is a working session where security leaders speak openly and candidly - sharing their experiences, successes, and struggles around a topic with the intent to #benchmark and collaborate with like-minded peers.
About effortlo
Effortlo is the world’s only #marketplace exclusively for security professionals, designed to empower companies with unparalleled access to trusted expertise. Our innovative model offers flexibility, transparency, and cost-effective solutions that help organizations address their most pressing security challenges. From embedding top-tier experts to streamlining complex projects, we enable businesses to expand their capabilities without expanding their payroll. By engaging the industry’s best resources, effortlo ensures your security programs are effective, scalable, and tailored to your unique needs.
Do you want to learn more about how effortlo helps companies solve security challenges? Schedule an introduction.
Participants in this Focus Group included: (plus others who cannot be publicly named)
Josh Carver – Chief Security Officer at Schneider Electric
Brad Minnis - Vice President, Environment, Health Safety & Security at Juniper
Jason Maddix – Corporate Security Director at Republic Services
Reigna Zeigler – Global Director, Emergency Mgt & Continuity at Johnson Controls
Rich Streeter – Chief Security Officer at PwC
Rusty Wallace – Chief Security Officer at Veritiv
Tom Edwards – Director of Corporate Security at Airbnb
Mary-Ann Anyikam – Head of Global Resilience at HP
Jon Harris – Director of Risk Management, Private Company
Carlos Galvez – Principal Risk Consultant at Bastion Projects
Jeff Dean – Vice President, Global Intelligence Operations at Alert Media
Larry Gladhill – Head of Global Security Services and Technology at Biogen
Robert Botelho – Global Head of Protective Services at Schneider Electric
Patrick Joyce - Global Resident CISO at Proofpoint, Former CSO/CISO at Medtronic
Bruce McIndoe – President McIndoe Risk Advisory and founder of iJet/WorldAware
Rich Widup – President of The Widup Group & former President of ASIS
Tim McCreight – CEO of Talecraft Security & 2023 President of ASIS
Sulev Suvari – Principal of Levvari, former Global Head of Safety, Security & Resiliency at HP
Rob Chamberlin – President & Founder of Security 101
Steve Lisle – Ambassador for Reducing Effort – Founder of effortlo.
Dr. Steve Albrecht – WPV and Threat Assessment Expert
Mike Osborne – former Chief Security Officer at Kinross
Karan Uthaiah – Founder of TASC and former Head of Global Resilience at HP
Comments