On 4 December 2024, the CEO of United Health, Brian Thompson, was shot and killed on a New York street. Suddenly, executive protection became a hot topic among business leaders around the world. What had previously been a "nice-to-have" suddenly became a necessity.

A year later, Signal's US distributor, Everbridge, has sponsored a report from ASIS (a global community of security professionals across industries and disciplines) that examines the current state of executive protection. The report, The Executive Threat Environment: Benchmarking Research on Risk-Based Approaches to Executive Protection, is a wide-ranging document with data from over 400 security professionals and 100 security consultants worldwide.

For many corporate security teams, these findings highlight familiar challenges: limited budgets, inconsistent policies and uneven executive buy-in. The report also contains valuable information for anyone considering the role of Open Source Intelligence (OSINT) in their security toolbox.

A growing focus on executive protection

It's not a huge surprise to see that 42% of security professionals surveyed by ASIS saw a significant increase in focus on executive protection. When we dig into the reasons, the connection to recent events, such as the New York assassination, becomes even clearer. High-profile incidents are cited as a driver by 69% of the security professionals surveyed. A general increase in public threats (72%) and specific threats to executives (61%) paint a strong picture of a threat environment that is now capturing the attention of corporate decision-makers.

What are security professionals doing about it?

Despite the risks, major gaps remain in executive protection. Only 55% of those organizations with 100,000 or more employees (or students) had a formal executive protection policy. That number drops to just 26% among those with fewer than 50,000 staff or students.

This shortfall may stem from misconceptions about what executive protection actually involves. Many professionals still associate it solely with physical security details. But, as one ASIS respondent put it:

“…true executive protection is a proactive risk-management discipline that blends intelligence, logistics, behavioral analysis, medical preparedness, and operational planning to ensure the principal's safety without disrupting their lifestyle or productivity.”

The importance of executive protection

The renewed focus on executive protection may also be due to a realization from corporate leadership of the benefits that it offers beyond physical security. Good executive protection reduces liability risks and protects organizational reputation. As the public face of their companies, an incident involving an executive can undermine confidence among investors, customers and employees alike.

Effective executive protection can also help attract and retain top talent. Demonstrating that the organization takes leadership safety seriously sends a strong signal about its values and professionalism, another tool for competing for the very best leadership talent.

The role of OSINT in executive protection

The ASIS report examines the technical capabilities necessary for effective executive protection, with online threat monitoring ranked as the most important capability. Of the more than 500 security professionals and consultants surveyed:

• 65% said online threat monitoring was important, but only 51% of respondents believed they had full capability.

• Real-time OSINT was ranked as almost as important (63%), yet only 50% of those surveyed believed they had full technical capability.

Of those organizations that had the technical capability, OSINT (82%) and social media monitoring (79%) were the most used methods to identify and assess threats. So, if these are the most used methods, why aren't all organizations using OSINT for executive protection?

One of the biggest challenges comes from executives themselves

One of the findings of the report of interest to those outside security circles, but unsurprising for those on the inside, is that executives are one of the biggest hurdles. Those surveyed identified the top two concerns were:

• Budget constraints (58%).

• Executive non-compliance (47%).

Data to build a business case

In the absence of sensational headlines, security professionals need to build a business case to expand their capabilities. And the best way to build a business case may lie with OSINT tools themselves. Currently, less than half of security professionals surveyed in the report provide comprehensive data to leadership to justify their requirements. Only 41% considered data logging and exportable analytics to be essential capabilities for their executive protection, and only 25% regarded automated after-action reports as necessary.

That’s a missed opportunity. Measurable data can demonstrate return on investment, showing that effective protection prevents incidents rather than simply responding to them.

Good OSINT provides good data

The AI-enabled reporting of products like Signal provides security teams with the data they need to strengthen their cases and further enhance technical capabilities. Using AI, Signal compiles summaries and reports for leadership to demonstrate the extent of threats and the effectiveness of proactive actions taken to mitigate risk.

Having AI as part of the tool reduces the workload on an organization’s team to provide the reports, freeing them up to make the proactive interventions necessary. Signal is also cost-effective, providing real-time, scalable OSINT. The coverage is broad, allowing security teams to have eyes in locations where they can't be physically present.

Effective OSINT yields additional ROI across the organization. It can inform travel planning and reputational management, ensuring a greater "bang for buck" and allowing security teams to have input in other areas of executive protection that go beyond close physical protection.

Summary

Using tools such as Signal gives security teams important capability in real-time OSINT and provides valuable data to build business cases for enhanced protection. The case can’t be built on fear alone. The ASIS report carries some valuable advice for any security professional wanting to make the case for better executive protection:

"Avoid using fear-based messaging. Instead, communicate the value of protection in terms of business continuity, reputation management and operational efficiency.

Build trust by being discreet, professional, and solution-oriented. Involve them in decision-making processes, offer options rather than ultimatums, and always back your recommendations with clear, real-world examples and risk intelligence. Ultimately, the key is to position security as an enabler—not an obstacle—of their success."

With the right data and tools, security teams can build stronger, smarter protection programs.

When you're ready to join those security professionals who see the real value of quality, comprehensive, and real-time open-source intelligence, we're ready to talk. Book a Signal demo today.