Executive protection—how important is it? Unfortunately, one very bad event is all it takes to answer that question:
Terrified, haggard and frostbitten, Karen McMullan refused to give police the details of her ordeal until she knew her husband Kevin was safe. Twenty-four hours earlier, men dressed as police officers had talked their way into the McMullan's home. Once inside, they held a gun to the head of Kevin McMullan, the assistant bank manager for Northern Bank in Belfast, Northern Ireland, and explained that he would help them carry out a daring robbery. To ensure his cooperation, they kidnapped his wife.
At the same time just a few miles away, armed men entered the home of another bank employee, supervisor Chris Ward, and conscripted him into their plan by taking his mother, father, brother and brother's girlfriend hostage. Per the kidnappers' instructions, the next evening McMullan and Ward used their security passes to enter Northern Bank's inner vault and packed up bags of banknotes. The cash was loaded into a white truck and driven away. Hours later, Karen McMullan staggered out of a Northern Ireland forest and into the first house she found.
Many companies pay lip service to the notion that employees are their most valuable assets, but few have actually done the math. In the case of Northern Bank, the use of the McMullan and Ward families in that December 2004 robbery cost approximately $50 million—and that is just the thieves' take. Add to that the public relations costs (worldwide headlines, inquiries by prosecutors and British intelligence), and the tab runs considerably higher. So solid executive protection can pay for itself in the long run.
The threats facing an executive vary widely depending on the size of the company, the industry it belongs to and the individual executive's profile. CSOs in oft-targeted sectors such as the financial services, pharmaceutical and energy industries, and those with executives based overseas, worry about kidnapping, carjacking, mail-borne explosives, biological agents and ecoterrorism. Threatening letters and e-mails and workplace violence fill out the list.
Given the range of risks involved, CSOs who have managed executive protection programs know that protecting an individual is a very different discipline from securing a facility. A top executive not only can't be locked down but, unlike a building with a single gate, there are numerous ways for an attacker to get to an executive, including through family members, as in the Belfast example. Executives will also rebel against onerous security restrictions. CSOs face the challenge of calibrating protection that serves their company's needs while also making that security palatable to the executives who have to live with it.
We spoke with executive protection specialists, including former and current agents from the U.S. Secret Service, and gleaned their advice on building an executive protection (EP) program. These tips apply whether you are spending millions to protect all your top executives or you hire the occasional security provider when your CEO travels. Following this advice can make an enormous difference in your executives' safety—and transform the executives' idea of personal protection from a barely tolerated hassle into a perk.
Executive Protection Tip #1: Ask questions early (and often)
Whether you are starting an EP program or just looking to tune up a preexisting plan, the first step CSOs should take is to conduct a thorough risk analysis. You need to identify the individuals who are critical to your organization, assess the impact to the corporation if they were lost and examine the risks that each of those people faces. Is there a history of threats against any of these individuals? Do they travel regularly to dangerous places? To what kinds of crimes or dangerous situations are they most vulnerable? Some executives keep a very low profile. Others, such as Donald Trump and Richard Branson, aggressively court media attention and risk attracting the notice of undesirables as well as fans.
More on Executive Protection
- Why the private sector model is broken
- Oatman: Obama inauguration puts executive protection in spotlight
- Scotti on driving: How to back out of a kill zone
- How to protect employees in global hotspots
- The final 5 Tweets of Harold Wigginbottom, tech-savvy CEO
Once you have determined the individuals who need protection, you need to know everything about their public and private lifestyles. This is called creating a "principal profile," and it requires the executive's full cooperation. You need to know everything about his work and home lives—everything from detailed information about his home, his family's habits and any organizations and clubs he frequents. It's also important to investigate how easy it is for outsiders to get information on your principal and his family.
Arnette Heintze, director of security with a Fortune 100 company and a retired U.S. Secret Service special agent in charge, advises doing a little online surfing. "Some companies are way too proud about putting everything they can about their executive and his family up on their website," says Heintze. "If someone is stalking a certain CEO, he can find out a lot of information on the Web." (If there is a lot there, the protection team needs to educate the marketing and communications staffs about what publicized personal details could put an executive at risk.)
Based on what the protection team learns about its subjects, CSOs will start to get a picture of what kinds of security measures you'll need to take. Some companies find that their executives need very little protection. Others need a 24/7 command post set up in their home. You should also consider whether your industry has a standard for executive protection. Companies in high-risk industries might find that there are some common levels of protection used for their executives. For example, executives at large financial services companies might have panic alarms in their homes as a standard security protocol. Researching common protective measures in your industry can enable you to benefit from others' experience.
Of course, none of this comes cheap. So it's critical that you're comfortable with your recommendations because you have to be able to justify them. "Security is always negotiated in the private sector," says Joe Russo, the vice president of special operations with T&M Protection Resources in New York City, who spent 20 years with the U.S. Secret Service. "You have to be able to articulate why you are going with certain procedures and justify heavier doses of security. It's big dollars, so they're not going to take it lightly."
For example, according to the Jan. 6, 2005, proxy statement that Disney filed to its shareholders, in 2004, Disney spent $716,335 on security advice and personnel for CEO Michael Eisner, and $18,663 on security systems and equipment for his safety. For COO Bob Iger, the company spent $471,646 on security advice and personnel and $2,470 on security systems.
It's important to realize that risks are ever-changing. CSOs need to establish a baseline level of security for their executives that can be increased when warranted. "Good executive protection professionals understand the threat level and analyze it constantly," says Tim Horner, associate managing director at security consulting behemoth Kroll. A CEO might get 25 threatening e-mails a week without the threat level spiking. But if a threatening letter is tucked under the front door of the CEO's home, that signals someone is taking extra pains to deliver their venom, and security may need to be increased.
Executive Protection Tip #2: Ditch the bouncer
The term "executive protection professional" should tell you all you need to know about the evolution of executive security details. No-neck goons in black turtlenecks and lumpy suit jackets are fine if you want to hit a dance club with a posse, but they are not effective for executives. An effective EP program has to be based on research and preparation rather than sheer muscle.
"That's the difference between a bodyguard and a protection professional: One specializes in muscles and has a gun, and the other may be less physically imposing but is better prepared to identify threats before they materialize," says David Katz, president and CEO of the Global Security Group, which provides training and consulting for executive protection details.
Whether you are using proprietary staff or outsourcing, the CSO must ensure that protection professionals are properly trained, advises Heintze. They need to have experience in defensive driving, emergency medical training, the ability to defend against an attack on a principal, a conspicuous pride in staying fit, and the good judgment to assess threats and employ the appropriate countermeasures. Today's protection professional also has to be a mirror image of his principal in professional dress and demeanor.
"You need to know how to walk, dress and talk like your executive," says Ilan Caspi, executive vice president of the Global Security Group and a former member of Shin Bet, the Israeli counterintelligence and internal security service. Blending into the executive's milieu is critical to ensuring his safety and minimizing the impact of a security detail on his daily life.
Executive Protection Books
By A. Hunsicker (Universal Publishers, Dec. 2007)
By Robert Oatman (ASIS International, 2009)
By Robert Oatman (Noble House, 2006)
By Gavin de Becker (2008)
So who is the executive protection professional? "These men and women are educated, trainable, respectful and dedicated professionals," says Robert L. Oatman. Oatman, author of a book on executive protection, founded R.L. Oatman & Associates, which specializes in executive protection operations and training. (Update: See an executive protection Q&A with Oatman from 2009.) "They know how to blend into their environment and carry on an intelligent conversation, and they understand that they represent the executive." Many companies hire former police officers, secret service agents and military officers to fill this role, but experts like Oatman point out that it's also possible to find people within a corporate security organization who have the right character for the role. The physical skills necessary to do protection can be taught, but the dedication, discretion and integrity necessary to do the job well are often harder to find. "This job is not for everyone," says Oatman.
Protection professionals have to be great communicators. They have to be able to establish a good rapport with their principal without getting too close. "You want to make sure that you keep everything on a professional keel," says Tim Koerner, deputy assistant director in the office of protective operations for the U.S. Secret Service. "When you are in close proximity for a long period of time, people sometimes let down their guard and become more chummy. The best results are when things are utterly professional."
The CSO's role is to identify promising protection professionals (both within the company and outside of it), and to mentor them and make sure they receive the appropriate training. That training can include skills such as choreography (knowing how to stand, walk and get out of a car with a principal), conducting advance work to prepare for trips and events ahead of time, effective countermeasures to deal with an attack or security threat when it materializes, proficiency with home alarm and access control systems, familiarity with armored vehicles, and firearms training.
Executive Protection Tip #3: Make protection feel like a perk
Some people come into the protection business imagining they'll be like Clint Eastwood, firing off magnum clips and cool one-liners in rapid succession. But opportunities for gun-play are hard to come by if the job is done well. In fact, the job can seem quite dull when success is measured by how uneventful the executive's routine becomes. Nerdy as it may sound, good organizational abilities and excellent research skills will prevent the lion's share of problems. These things also carry an ancillary benefit: helping an executive eliminate many of the usual annoyances of travel.
When an executive deviates from his routine in order to travel, the protection professional needs to be in a position to prevent a dangerous encounter rather than simply respond to it, says Koerner. Before attending an event, the protection professional should examine the principal's travel logistics and create a contingency plan for every conceivable possibility. Without this kind of preparation, protection professionals could find themselves frozen by the onset of a medical situation or attack. "You know you have done a really good advance job if you are able to answer all the questions [about an event] that are asked of you," says Koerner. It's also easy to tell the protection professionals who have not done their homework. They're the ones who are constantly standing within a foot of their principals. "By not having done the proper advance work, the untrained professional ends up smothering the CEO and destroying his credibility," says Heintze.