Written by Branden Pardue
Executive protection conjures up images of agents with earpieces driving black SUVs and talking into their wrists. But there’s much more to keeping VIPs and dignitaries safe than dark suits and sunglasses.
Physical and cyber threats are on the rise and the methods threat actors may use to find and potentially harm executives have multiplied; security teams must be aware of the multitude of online data sources where threats are being discussed and planned.
Consider the types of data that may be out there in cyberspace: is the protectee’s personal information, such as a home address, personal and work email addresses, and private phone numbers posted online? Are fake news stories about them proliferating, and if so, from where are they originating? Are protests planned in response to a policy or business decision? These clues could help steer security personnel from general concerns to a specific activity that threatens their protectee’s safety.
Executive protection is not only something that happens when your VIPs are in public; instead let’s take a 360-degree approach to nullify threats that can take different forms, including:
- Physical attacks against the executive or family members, at work, at home or while traveling
- Cyberstalking and intimidation
- Doxxing (leaking of private information online)
- Credential theft (allowing access to organizational or personal information)
- Impersonation (pretending to be the executive to access money or act negatively)
- Reputation damage (to both the person and the organization)
The impact of these risks could have global significance. Threats to a CEO of a multinational corporation could impact supply chains worldwide, and an attack on a diplomat or trade representative could disrupt delicate agreements between nations.
Online threats, Real-world Consequences
Along with physical threats, cyberattacks targeting leaders are growing rapidly — an unintended outcome of greater access to information. Nearly two-thirds (60%) of IT leaders believe that C-Suite executives are the most likely targets for cyberattacks. This often takes the form of spear-phishing (targeted email fraud) or whaling (impersonating a trusted high-ranking person in the organization), both of which are on the rise.
Whether the goal is to intimidate or harm a business or government leader, to steal something of value (such as personally identifiable information or intellectual property) or to cause economic or political uncertainty, the challenge is the same. Security professionals need a way to identify potential threats as early as possible — both to respond more effectively to imminent threats and to proactively shut them down before anything bad can occur.
Finding Answers with PAI
To build a threat assessment, Publicly Available Information (PAI) provides a wealth of data that can spotlight risks before they turn into tragedy. It’s possible to find out if an executive’s direct email or login information has been posted on the dark web, or if threatening conversations around an upcoming public appearance have been growing on certain social channels.
Threat actors are becoming increasingly aware and conscious of their digital footprints, many have learned to be more subtle in their online postings and other public communications. It may take some additional effort to sift through the clues that could point to an imminent risk event. That means not only looking for specific keywords like “gun,” but related and slang terms that could mean the same things in the right context.
It’s just as important to identify intent. Negative chatter online doesn’t necessarily mean someone will actually take steps to attack someone physically or electronically. But the online universe is populated by websites, news providers, chat rooms, social media channels, videos and graphics that could point to threat actors with both the motivation and the means to carry out their plans.
With billions of online sources to sift through — including the deep and dark web — finding relevant data is a Herculean task, especially since new or updated information is continually generated, and more than half of it is in languages other than English. Analyzing and assessing it all adds another layer of complexity and, all too often, the clock is ticking on a response. That means artificial intelligence (AI) is a must-have capability, to deliver speed, thoroughness, and accuracy.
An AI-powered tool needs to not only find exact matches for keywords but similar concepts that could identify threatening language. Moreover, the system needs to search in native languages and dialects, to spot nuances and slang that could be relevant. Images and graphics — drawings, photos, graphics, maps — can also help flesh out the nature of threatening posts. Most of all, the AI needs to tell the difference between angry words and the actual intent to harm.
Asking the Right Questions
With so much information to sort through, even advanced automation needs the right direction. A broad question, such as “How do I protect Executive X?” is unanswerable but seeking answers to more specific questions can lead to actionable insights.
If a U.S.-based executive is getting ready to attend a conference in Europe, security teams could query the system about issues related to air travel, weather, political unrest, and known concerns at and around venues and hotels — in short, conditions that might lead to a greater risk environment. Then this information can be cross-referenced with relevant information found in publicly-accessible sources online.
By analyzing elements such as geography, language, communication channels and patterns of online behavior, connections across people and organizations can be defined. This enables analysts to see who might be at the center of a threat, who might be positioned to carry it out and how credible the threat truly is, giving executive protection teams the intelligence needed to develop countermeasures.
Uncover Threats. Take Action.
Executive protection encompasses both physical security and cybersecurity. Judging the risks to executives has become significantly more complex, as discovering personal details about virtually anyone is easier than ever, thanks to the wealth of public-facing information available online. But that same PAI gives security teams the ability to quickly identify and assess threats of every description.
Babel Street’s AI-powered platform can conduct searches for relevant terms and concepts across more than 200 languages, making it faster and more accurate to identify the people or groups who have the intent and the ability to follow through on a threat — empowering security teams to understand the threat and take action.
 Trouble at the Top: Why the C-Suite is the weakest link when it comes to cybersecurity (Vanson Bourne and MobileIron [now Ivanti])