Why Corporate Executives Are Being Targeted More Than Ever
Something has shifted in the threat landscape for corporate executives over the last few years. It's not dramatic or sudden — it rarely is — but the direction of travel is clear, and the organisations that are paying attention are quietly adjusting how they think about the safety of their senior people.
This isn't scaremongering. The risks are real, they're growing, and they're worth understanding honestly.
Visibility Has Changed
A decade ago, most executives existed in relative obscurity outside their industry. Their names might appear in trade press, their company might have a public profile, but their personal lives, routines and opinions were largely invisible to anyone who wasn't actively looking.
That's no longer true. LinkedIn has made professional networks — and by extension, personal movements and affiliations — publicly searchable. Executive interviews, podcast appearances and conference speaking slots have become standard practice for senior leaders building personal brands. Social media, sometimes managed by the executives themselves and sometimes by their companies, broadcasts location, travel patterns and opinions to anyone who wants to look.
The result is that the information required to identify, locate and approach a target is now far more accessible than it used to be. That changes the calculus for anyone who means harm — whether that's a disgruntled former employee, an organised criminal group, a protest movement, or a foreign intelligence actor.
The Anti-Corporate Sentiment Problem
Public attitudes towards corporate leadership have hardened in many countries, including the UK. The combination of high executive pay, cost-of-living pressures, and high-profile corporate failures has created an environment where hostility towards senior business figures is more socially acceptable than it was twenty years ago.
For most executives, this manifests as online abuse and reputational pressure — unpleasant, but manageable. For some, it escalates. Protest groups have become increasingly willing to target individuals directly, showing up at private addresses, conducting surveillance on daily routines, and using harassment as a deliberate tactic. The line between organised protest and targeted intimidation is thinner than many organisations appreciate until it's crossed.
The murder of a US insurance CEO in late 2024 — and the public reaction to it in some quarters — was a stark illustration of how far sentiment in certain circles has shifted. It would be naive to treat that as an isolated event with no lessons for how organisations think about executive security.
The Kidnap and Extortion Picture
The kidnap and ransom landscape has also evolved. While high-profile kidnappings in conflict regions still occur, organised criminal groups have increasingly turned their attention to softer targets — executives travelling to emerging markets, family members of wealthy individuals, and corporate principals operating without any visible security presence.
The targeting isn't random. It's intelligence-led. Criminal groups identify targets through open-source research, business registries, property records and social media. They look for patterns — regular travel routes, predictable schedules, unprotected family members. The time invested in pre-operational surveillance is often significant, which means by the time an incident occurs, it has been planned carefully.
Organisations that treat kidnap and ransom as a risk that only applies to conflict zones are operating with an outdated map.
The Cyber-Physical Convergence
One of the less discussed developments is the convergence between cyber threats and physical ones. Information gathered through phishing attacks, data breaches or social engineering can be used to build detailed profiles of executives — their travel schedules, home addresses, financial positions, family details. That information can then feed physical threat planning.
The reverse is also true. Physical surveillance of an executive — watching who they meet, where they go, when they're alone — can inform targeted cyber attacks, blackmail or social engineering. Organisations that manage cyber security and physical security as entirely separate functions are missing the intersection where some of the most serious risks live.
What Organisations Are Getting Wrong
The most common failure we see is reactive thinking. Organisations act after an incident — a threat letter, a confrontation, a stalking complaint — rather than before. By the time the call comes in, the situation has already developed in ways that are harder to manage.
The second failure is the assumption that security is only necessary for the very top tier. CEOs and board members sometimes have protection. The CFO, the General Counsel, the head of a controversial business unit — people who are equally visible and arguably equally exposed — often don't. Risk should be assessed by threat, not by job title.
The third failure is treating security as a binary. Either you have a close protection officer present, or you don't. In practice, the most effective approaches sit between those poles — threat assessments that identify the actual risk level, low-profile monitoring arrangements, residential security reviews, travel risk protocols and personal security awareness training. These measures are often more appropriate than a full CPO detail, and they cost considerably less.
What Good Looks Like
Organisations that manage executive risk well tend to share a few characteristics. They assess threat proactively and review it regularly, rather than waiting for something to happen. They take a joined-up view — physical, cyber and reputational risk considered together rather than in separate silos. They make sure executives themselves understand the risks and how their own behaviour — particularly online — affects their exposure. And they have a plan that's been thought through before it's needed.
Close protection is part of that picture when the threat level warrants it. But it's one tool among several, and the right tool depends entirely on the risk environment.
If you're a business that hasn't recently reviewed the security picture for your senior leadership, it's probably time to do so. The threat environment has changed, and the gap between organisations that have adapted and those that haven't is widening.
Get in touch with Prospera. We'll give you an honest answer.