Executive Security During Public Controversy | CloseProtectionHire

When an executive’s name appears in connection with a corporate scandal, a contentious business decision, a product failure, or a high-profile regulatory matter, something specific happens to their threat profile. They become identifiable, they become a focus for grievances, and their professional details – already largely public – become actively used intelligence for individuals who want to approach, confront, or harm them.

This is not speculation. The Fixated Threat Assessment Centre (FTAC) was established in 2006 specifically to manage the risk to public figures from individuals who develop a focused, perseverative hostility following a triggering event. Corporate controversy is among the documented triggering events. A CEO whose name and face appear in national media as the individual responsible for a widely criticised decision becomes, for some readers, a named target for grievances that previously had no specific focal point.

This guide covers the security response to public controversy: the threat assessment framework, the specific adjustments to the security posture, and the protective intelligence tools that provide early warning.

How controversy changes the threat picture

Before a controversy becomes public, an executive’s threat profile reflects their general position: seniority, sector exposure, public profile, travel destinations, and the organisation’s own threat environment. This is a manageable, relatively stable picture.

When a controversy breaks:

The audience of motivated individuals expands. A product recall that has harmed consumers creates potential grievants across an entire customer base. A redundancy programme creates actual grievants – individuals who lost income, security, and status as a direct result of decisions the named executive made. A regulatory investigation creates scrutiny from a different direction – journalists, short-sellers, regulators, and the public – some of whom may act in ways that create safety risk.

The targeting intelligence is freely available. The same media coverage that names the executive typically includes their job title, a photograph, the company’s office address, and links to their LinkedIn profile. LinkedIn may confirm their office location, their conference speaking schedule for the year, and their professional network. This is enough targeting intelligence to locate, survey, and approach an executive without any specialist intelligence capability.

Fixation risk increases. FTAC research identifies that individuals who make threatening contact with public figures typically begin with expressions of grievance before escalating. The controversy period is the window during which new fixated individuals form, and the early warning indicators are present before any overt threat is made.

The immediate threat assessment

When a controversy becomes public, the security team or security manager should conduct an immediate threat assessment that addresses:

The grievant population. Who has been materially harmed by the decision or event that created the controversy? Former employees, customers, investors, regulators? The more identifiable and the more direct the harm, the higher the initial threat level.

The executive’s digital footprint. Is the residential address suppressed from the electoral register and Companies House? Is it discoverable through a basic open-source search? (If it is, this is an immediate remediation task – see the executive digital footprint management guide.)

The public schedule. What appearances are already committed? Are any of these in environments with known predictable hostile assembly (shareholder meetings, public forums, protest-adjacent locations)?

The existing security posture. What security measures are currently in place? What additional capability can be activated quickly – a vetted CPO for the elevated period, a close protection vehicle, protective intelligence monitoring?

This assessment should produce a written threat level designation and a set of adjustments to the security posture for the duration of the elevated threat period.

Protective intelligence monitoring

The most practical early-warning tool during a controversy is open-source and social media monitoring for indicators of targeted hostility. The distinction the monitoring is looking for:

General negative sentiment – comments about the company, the decision, or the executive in general terms. This is background noise.

Targeted language – direct address to or about the executive by name, reference to personal details (where they live, their family, their vehicle), expressions of intent rather than opinion.

Fixation indicators – a single account posting sustained, escalating content about the executive specifically over a period of days or weeks, cross-platform activity referencing the executive, and any content that moves from grievance expression to described action.

Control Risks, Kroll, Secureworks Digital Risk Protection, and specialist protective intelligence providers offer monitored keyword alert services with human assessment of flagged content. The monitoring brief should include the executive’s name, close variants (initials, known nicknames), the organisation’s name, and the specific controversy topic.

Monitoring should activate at the start of the controversy. By the time an incident has occurred, the monitoring function has failed in its purpose.

Schedule management during controversy

The objective of schedule management during a controversy is not to eliminate the executive’s public presence – in most cases that would be professionally untenable and might escalate media interest. The objective is to ensure that appearances that do occur are secured at an appropriate level.

For each committed public appearance during the controversy period, a brief advance assessment should determine: the access control arrangements at the venue, the route options, whether a CP presence is appropriate, and whether the appearance can be managed at a modified location (an alternative room, a different entry route) that reduces predictability.

Appearances that create the highest risk:

• Predictable annual events (AGMs, annual conferences, industry awards) where the executive’s presence is expected and their arrival time is known
• Events in outdoor or open-access environments where access control is limited
• Events near protest assembly points related to the controversy
• Appearances where the audience includes individuals with direct grievances (employee meetings during redundancy programmes, public consultations during a controversial project)

For these appearances, a vetted CP officer – operating covertly where appropriate – attending the advance and the event is a proportionate response, not an excessive one.

Digital footprint review

The executive’s digital footprint review should be confirmed as current at the start of the controversy, not planned as a future action. Specifically:

Is the residential address removed from the commercially sold electoral register (edited register opt-out under the Representation of the People Act 2000 Section 9A)?

Is the director’s residential address suppressed at Companies House under Section 1088 of the Companies Act 2006?

Are social media privacy settings set to the appropriate level, particularly for any platforms that tag location or display home-area details?

If any of these are not in place, they should be addressed before the controversy has run long enough to have been researched by a motivated individual.

Residential security during controversy

The executive’s home is their most predictable and fixed location. During a controversy period, the residential security posture should be reviewed against the updated threat level. Common adjustments:

CCTV monitoring and alert sensitivity reviewed and confirmed as functioning. Any gaps in coverage (blind spots, cameras with reduced quality) addressed.

Domestic staff and family briefed on the elevated threat period – specifically what to report and who to call if they observe surveillance activity or receive unusual contacts.

Visitor and delivery access control confirmed – no unannounced access to the residence by unfamiliar parties.

If the threat assessment warrants it: temporary increase in security patrol frequency, or a short-term static guard at the property.

For the residential security infrastructure that underpins this review, see our residential security for executives guide. For the protective intelligence methodology that provides ongoing threat assessment, see our protective intelligence guide. For the corporate crisis management framework that the security response sits alongside, see our corporate crisis management guide. For the specific personal security response when the controversy is driven by an activist or protest campaign – how groups identify executives through Companies House, the escalation pattern from organisational to individual targeting, legal tools under the Protection from Harassment Act 1997 and National Highways v Persons Unknown [2021] EWHC 3081, and the residential protest response – see our guide to activist targeting of corporate executives.

Sources

FTAC: Fixated Threat Assessment Centre Annual Report 2023, Metropolitan Police/NHS England. Control Risks: Threat Assessment During Corporate Controversy 2024. Kroll: Protective Intelligence and Executive Security During Reputational Events 2024. ASIS International: Protection of Assets – Threat Assessment and Management Chapter, 2024. NPSA: Protecting Executives and Public Figures, National Protective Security Authority, 2024. NCSC: Online Safety and Digital Footprint Management, 2024.