The Six Things You Need to Know About Executive Protection
Executive protection requires risk assessment, cost-benefit analysis and old-fashioned legwork. Here are six executive protection fundamentals.
By Daintry Duffy
April 01, 2005 — CSO — Executive protection—how important is it? Unfortunately, one very bad event is all it takes to answer that question:
Terrified, haggard and frostbitten, Karen McMullan refused to give police the details of her ordeal until she knew her husband Kevin was safe. Twenty-four hours earlier, men dressed as police officers had talked their way into the McMullan's home. Once inside, they held a gun to the head of Kevin McMullan, the assistant bank manager for Northern Bank in Belfast, Northern Ireland, and explained that he would help them carry out a daring robbery. To ensure his cooperation, they kidnapped his wife.
At the same time just a few miles away, armed men entered the home of another bank employee, supervisor Chris Ward, and conscripted him into their plan by taking his mother, father, brother and brother's girlfriend hostage. Per the kidnappers' instructions, the next evening McMullan and Ward used their security passes to enter Northern Bank's inner vault and packed up bags of banknotes. The cash was loaded into a white truck and driven away. Hours later, Karen McMullan staggered out of a Northern Ireland forest and into the first house she found.
Many companies pay lip service to the notion that employees are their most valuable assets, but few have actually done the math. In the case of Northern Bank, the use of the McMullan and Ward families in that December 2004 robbery cost approximately $50 million—and that is just the thieves' take. Add to that the public relations costs (worldwide headlines, inquiries by prosecutors and British intelligence), and the tab runs considerably higher. So solid executive protection can pay for itself in the long run.
The threats facing an executive vary widely depending on the size of the company, the industry it belongs to and the individual executive's profile. CSOs in oft-targeted sectors such as the financial services, pharmaceutical and energy industries, and those with executives based overseas, worry about kidnapping, carjacking, mail-borne explosives, biological agents and ecoterrorism. Threatening letters and e-mails and workplace violence fill out the list.
Given the range of risks involved, CSOs who have managed executive protection programs know that protecting an individual is a very different discipline from securing a facility. A top executive not only can't be locked down but, unlike a building with a single gate, there are numerous ways for an attacker to get to an executive, including through family members, as in the Belfast example. Executives will also rebel against onerous security restrictions. CSOs face the challenge of calibrating protection that serves their company's needs while also making that security palatable to the executives who have to live with it.
We spoke with executive protection specialists, including former and current agents from the U.S. Secret Service, and gleaned their advice on building an executive protection (EP) program. These tips apply whether you are spending millions to protect all your top executives or you hire the occasional security provider when your CEO travels. Following this advice can make an enormous difference in your executives' safety—and transform the executives' idea of personal protection from a barely tolerated hassle into a perk.
Executive Protection Tip #1: Ask questions early (and often)
Whether you are starting an EP program or just looking to tune up a preexisting plan, the first step CSOs should take is to conduct a thorough risk analysis. You need to identify the individuals who are critical to your organization, assess the impact to the corporation if they were lost and examine the risks that each of those people faces. Is there a history of threats against any of these individuals? Do they travel regularly to dangerous places? To what kinds of crimes or dangerous situations are they most vulnerable? Some executives keep a very low profile. Others, such as Donald Trump and Richard Branson, aggressively court media attention and risk attracting the notice of undesirables as well as fans.
Once you have determined the individuals who need protection, you need to know everything about their public and private lifestyles. This is called creating a "principal profile," and it requires the executive's full cooperation. You need to know everything about his work and home lives—everything from detailed information about his home, his family's habits and any organizations and clubs he frequents. It's also important to investigate how easy it is for outsiders to get information on your principal and his family.
Arnette Heintze, director of security with a Fortune 100 company and a retired U.S. Secret Service special agent in charge, advises doing a little online surfing. "Some companies are way too proud about putting everything they can about their executive and his family up on their website," says Heintze. "If someone is stalking a certain CEO, he can find out a lot of information on the Web." (If there is a lot there, the protection team needs to educate the marketing and communications staffs about what publicized personal details could put an executive at risk.)
Based on what the protection team learns about its subjects, CSOs will start to get a picture of what kinds of security measures you'll need to take. Some companies find that their executives need very little protection. Others need a 24/7 command post set up in their home. You should also consider whether your industry has a standard for executive protection. Companies in high-risk industries might find that there are some common levels of protection used for their executives. For example, executives at large financial services companies might have panic alarms in their homes as a standard security protocol. Researching common protective measures in your industry can enable you to benefit from others' experience.