At Bryghtpath, we’re often asked about risks and threats faced by Senior Executives of major corporations and non-profits – and how to best go about planning for those risks.
In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser and Senior Consultant Jennifer Otremba talk through our experiences with protecting senior executives. Topics discussed include executive protection, travel security, office security, security at an executive’s home, and events/appearances that may pose an additional risk.
Bryan Strawser: We’ve been asked recently about executive services or executive protection. How does a company or organization go about protecting their senior executives? What do other companies do? We get asked that a lot. Like, compare us to other organizations in our industry. Or it’s just the question that I think we got early November was, look, our CEO is speaking at this big event. We don’t really ever do anything for their personal protection. Should we be doing something?
Jen Otremba: The answer is yes.
Bryan Strawser: The answer is probably yes.
Jen Otremba: If you’re asking the question, the answer is probably yes.
Bryan Strawser: So let’s lay some background before we get into the solution to this challenge. Corporate executives, nonprofit executives, public sector commissioners and others that run big agencies, they have varying levels of risk, but their risk is not like the risk of a typical employee, as much as they might want to make themselves out to be everyday Joe or Jane. They’re representing their organization. There’s a certain level of risk that goes with that leadership job that they’re in.
Jen Otremba: They’re the public face of the organization.
Bryan Strawser: They’re the public face.
Jen Otremba: When people have a beef with the organization, chances are your face, senior leader, is the one that they’re going to have the beef with.
Bryan Strawser: In all of this, and you’re going to hear us say this several times, there’s a very difficult balance to achieve that’s a little unique to the culture of the organization that we’re talking about, but I don’t know many CEOs that want to isolate themselves from the world or their employees. At the same time, none of them want to be in any personal danger, or if they think about this. A lot of them don’t think about this at all, but none of them wants to be in a place where there could be harm brought to them or their families or that other people they work with could be in harm’s way because of them. And so there has to be a balance struck, as there always is on security issues, between how we protect the organization and the people and still run the business and let the CEO and other C-suite executives be available to employees and the public and others as appropriate.
Jen Otremba: Right and manage the way they want to manage or they choose to manage.
Bryan Strawser: So there’s interesting risks that goes with executives. We’re kind of using the generic term executives here. We’re generally talking about the CEO, but depending upon your organization and the size of your organization and its prevalence in society, we might really be talking about many others in your company. It could be the CFO. It could be your general counsel. It could be the head of a division. It just depends on your organization’s unique place in the community and how well-known that executive is.
Jen Otremba: What type of organization it is. What kinds of challenges does that organization face?
Bryan Strawser: So there’s four areas in which we think that there’s risk to executives and that’s about the office, their home, when they’re traveling and events that they’re attending. Let’s talk initially about … Let’s talk about the office environment.
Jen Otremba: Okay. Let’s start there.
Bryan Strawser: We think about the office as this … For the most part, when your executives are at work, it’s a fairly low-risk environment for them. They’re probably behind some kind of primer, access control, only employees and authorized can come into the office, and their office is probably in some part of the building that maybe is or isn’t secured off, but probably isn’t publicly known.
Jen Otremba: Or publicly seen.
Bryan Strawser: Publicly seen, where it’s at.
Jen Otremba: Or if it is, it maybe shouldn’t be.
Bryan Strawser: Right. That’s correct. Employees will probably know where the CEO’s office is, but they may not be able to access that area, or if they can, there might be other barriers that would allow someone with intent to do harm to gain access to that area, but with all that said, we generally think of when a CEO is at work, an executive is at work, it’s a pretty low-risk environment most of the time.
Jen Otremba: Right. Because of all those safety measures.
Bryan Strawser: Because of all those measures.
Jen Otremba: By nature are already in place.
Bryan Strawser: If there’s an active threat, that’s obviously a different situation, and you should deal with that according to your workplace violence threat management approach. But generally, work is a pretty safe location. Even if they were to leave the office and go somewhere else, their schedule is not public. It’s an unscheduled movement. It’s not announced. People don’t know.
Jen Otremba: It probably varies, and it should vary. Probably shouldn’t be leaving the office at the exact time every day using the same route every day. Should avoid doing things like that.
Bryan Strawser: CEO-designated parking and things like that in public places can be a dangerous thing. I would think about signing those in a different way than putting a sign out front that says reserved for CEO. But it just depends, again, on your organization’s particular risk profile and things.
Jen Otremba: Might want to consider not going to lunch at the exact same place every day at the same time every day, kind of varying that schedule.
Bryan Strawser: Right. Home is a different story. Homes, at least in the U.S., are generally fairly low-risk because it’s not often that someone targets a CEO’s home or for protests or for other activities. But at a minimum, there should be some security precautions thought through. We believe that no matter the size of the organization, you should have a security professional look at the CEO’s residence. You’re looking for basic things like, do the locks work? Is there a fence or a privacy fence or is that even an option? Is there an alarm system? Is there panic alarms? Is there a safe room? Again, this really depends on the prevalence of the profile of the CEO, the risk profile of your organization. But if you need a security system contact locksmith hartford ct. But you should look at this and make a risk-based decision about their residence and what you want to do. Often, with a CEO’s or executive’s residence, it’s kind of some security through anonymity here that perhaps it’s difficult to find out where they live. They’ve purchased the home through an LLC or a trust that doesn’t have their name on it. These are all things that help disguise the location of a residence. It adds some obscurity to a security situation.
These are all things that I think you can look at. When you get into larger homes, then I think you need to look at fencing and gates and things that are … can be tastefully done but add a security presence and make it a little bit more of a hardened target.
Jen Otremba: Alarms, video, surveillance, that kind of thing.
Bryan Strawser: Correct. The area of bigger risk in our minds is really around travel and events because there’s more exposure to things that are going on. Travel is a tough one because again, this is going to be risk-based. Where are they going and why? And what is that destination that’s involved? If they’re going from Minneapolis to Chicago for an internal company meting, again, scheduled but not announced. Nobody really knows. Less of an issue. If they’re going to go speak at a conference in India and they’re the keynote speaker, much higher risk challenge. India is more difficult. There are obstacles there in terms of traffic and traffic accidents and vehicle availability that you don’t have, are less of an issue in the U.S. And it’s an event. You have less control over who’s going to be at that event and what their approach might be.
Jen Otremba: That said, you might want to start thinking about what the mode of travel looks like for that exec. How are they getting there? Car service.
Bryan Strawser: Yeah, what’s their transportation on the ground?
Jen Otremba: Are they flying there? What does that look like exactly? And just thinking through good planning around security.
Bryan Strawser: Our approach. We’ve had a lot of experience operating in India and planning major events in India with clients. When we have a client CEO go to India, we are usually advancing the trip, meaning that we’re sending somebody from an executive protection, executive services standpoint to run the route, make sure everything is planned out, the hotel is clear. We get the room check-in all accomplished prior to their arrival.
Vehicle-wise, we roll with primary vehicle, backup vehicle that’s trailing. We’ll hire trusted local providers for both and the security presence in the second vehicle. The purpose of the second vehicle, this is not some Secret Service thing where there’s an assault team, but it’s in case the first vehicle breaks down, has an accident or something else happens because we’re really less worried in a lot of these cases about a violent attack and more about traffic accidents and vehicle problems and other things that come up in the normal course of business. But you don’t want to be stranded on the side of the road in India if you’re the CEO of an organization. So we want to have that other vehicle there to be able to make a swap and then continue.
Jen Otremba: And you don’t want your CEO to be stranded there on the side of the road, let me tell you.
Bryan Strawser: Particularly not if you’re the head of security. They will call you. They will not be polite.
Jen Otremba: No.
Bryan Strawser: Hotel choices are also a big thing when we talk about trips in the higher risk locations. Then you need to choose an appropriate business hotel, and you need to be familiar with the security processes at that hotel. So just continuing with the India example, my experience has taught us that I’m going to look for a hotel that caters to business travelers that has adequate standoff security, meaning they’re inspecting vehicles 300 feet out, etc. They have screening for visitors coming in, so that we’re mitigating the risk of weapons and explosives and others in the hotel and that the hotel itself has a good, walled secure perimeter with controlled egress and etc. They go on. Again, this will just depend on the method of travel.
We talked about air travel a little bit. Things to look at here, if you’re a bigger company, you probably own or have access to your own aircraft. I know it’s super trendy and cool to paint those aircraft with logos and hey, this is the Wells Fargo jet, and you can tell because it’s got the carriage on the side. I’m making this up. I’m sure they don’t do this. But I’ve had arguments with executives at some of our clients about I know you want to do that, and I know it’s super cool, but it tells everybody that that’s your jet.
Jen Otremba: It goes back to the balance of everyone knowing who you are and that you’re public facing and all of that and security of the brand that you are representing.
Bryan Strawser: Commercial travel, different story. You’re on a Delta jet or whatever, the same as everybody else that’s going on. You’ve got lots of options there. Bags and baggage pickup and going through Customs and Immigration. There’s lots of hangups that can happen in that process.
Jen Otremba: There are many things to think through, exactly.
Bryan Strawser: Lastly, events. We mentioned events a little bit earlier. Events are the moment of greatest risk because events are announced. Even if it’s an internal company event, if it’s a big event, people are going to know. You have generally less control over who has access to the event. This is where advance work becomes really important, that you understand the logistics of your executive’s involvement in that event — where do they show up, where’s the waiting area?
Jen Otremba: Where are they going to sit?
Bryan Strawser: Where do they sit? These are all things to plan out. Realize that these events mean that there will be unsolicited opportunities for people to approach and engage in conversation, confront. We had a speaker. We’ve had experience with a client where one of their executives was speaking, not their CEO, on a panel. They had just been involved in a controversial decision, political decision. When the Q&A started with the audience, the entire people that got in line for the Q&A all went after this guy from our client because they took issue with this decision and his involvement in that. And they couldn’t get away from them. So those are all things that have to be thought through and planned so that you can really manage through these events in a way that there’s no harm brought to anybody. The company’s reputation is protected as you go through that.
Lastly, there’s the aspect of the CEO’s or the executive’s personal lives comes into play. Sometimes, they have prominent spouses who might engender their own controversy. So you need to be looped in and understand and monitor what’s going on with their spouse. They could be an activist, a politician, a business leader in their own right, nonprofit leader as well. So you need to understand what that might mean and how that might blow back onto your client, so to speak, your executive. From a personal life standpoint, there’s also the what does your CEO or your executive do when they’re not at work?
Jen Otremba: Yeah, what are they doing to ensure their own personal safety?
Bryan Strawser: Right. Are they driving themselves around or do they have a driver? Do they get their hair cut every Saturday at 11:00 at the same salon or barber? Or whatever their preference is?
Jen Otremba: Their routine is.
Bryan Strawser: Yeah, what’s their routine? Do they always grocery shop at the same store at 10:00 on Sunday morning?
Jen Otremba: Go to the same gym at the same time.
Bryan Strawser: Right. These are all things that I think you want to have an understanding of, and I think helping your executives understand too that again, with this risk-based approach, there are decisions that they’re going to make on their own that don’t involve the company that will involve the company. We have experience with a situation where a client CEO made a large political donation of his own accord. It had nothing to do with the business, but he made it to a controversial politician, and then there was blowback. The blowback came back to the company, not to him individually, to the point that activists decided that the best way to get at him, because they couldn’t get him at work, they couldn’t get him at home because his home was too far — his driveway was too long — they found out his daughter was getting married, and so their approach was we’re going to protest the wedding because we can have an impact on that. Fortunately, law enforcement was able to dissuade them that that action was pretty dumb. But that’s the kind of thing that you have to be aware of and be able to plan for with this.
Jen Otremba: Right. And understand the risk.
Bryan Strawser: And understand the risk. As you think about all of this, do keep in mind if you’re a publicly-traded company, there are SEC guidelines around security from the standpoint that some of the things we’ve talked about – alarms, corporate travel, protection efforts, a driver — some of these are benefits, perks, the way the SEC defines them. You will have to disclose these in your SEC filings, so work with your counsel, your compliance team on these things if you pursue some of this. Just understand that these things will become public. Not the details, but they’ll know that you spent X dollars on security for your CEO in those cases.
So to wrap it up, make it risk-based. Realize the real threat is really less about an act of harm or a threat of violence. It’s about traffic accidents and medical emergencies and issues. Build a real program, even it’s just part of one person’s responsibility, but there’s very specific training. There’s a science to some of this in terms of how to plan an event, how to advance a trip and the things that you want to do. There’s plenty of organizations out there that can help you. And don’t hesitate to call us. We can help you as well.
In this episode of the Managing Uncertainty Podcast, Bryghtpath Principal & CEO Bryan Strawser takes a look at using physical security penetration testing order...
In this insightful episode of Managing Uncertainty, Bryan Strawser of Bryghtpath breaks down the 11 crucial elements of a solid business continuity program. Discover...
Discover the incredible potential of artificial intelligence in transforming our world as we discuss Mark Andreessen’s thought-provoking article, “Why AI Will Save the World”...