• Advertise
  • Subscribe
  • Forums
  • Buyer's Guide
  • Contact Us
  • Connect on LinkedIn
    1. Security Executives
    2. Protective Operations & Guard Services

    Why Strengthening Executive Protection Programs is a Critical Issue

    March 13, 2025
    After the UnitedHealthcare attack, organizations must have a structured and practical protection framework.
    Credit: AndreyPopov
    In the aftermath of the United Healthcare CEO assignation, boards of directors have convened emergency sessions, family offices are reassessing security protocols, and the C-suite is questioning its preparedness for emerging threats.
    In the aftermath of the United Healthcare CEO assignation, boards of directors have convened emergency sessions, family offices are reassessing security protocols, and the C-suite is questioning its preparedness for emerging threats.

    The shocking assassination of UnitedHealthcare CEO Brian Thompson has sent frissons of concern through corporate America. The attack carried out in broad daylight as Thompson made his way to an investor meeting in midtown Manhattan highlights a new and unsettling reality. In its aftermath, boards of directors have convened emergency sessions, family offices are reassessing security protocols, and the C-suite is questioning its preparedness for emerging threats.

    What makes this incident even more alarming is the apparent motivation of the alleged shooter, Luigi Mangione. Unlike traditional threat actors such as political extremists, habitual criminals, or single-issue radicals, Mangione represents a new, grievance-driven form of anticorporatism. This category of threat actor is challenging but undeniably dangerous, driven by perceived injustices rather than ideology or profit. The groundswell of public support for Mangione in certain circles—coupled with indignation over executive decisions affecting the public that are perceived as cavalier—has amplified the concern.

    This evolving threat landscape has left many corporate leaders scrambling for answers. Questions about close protection teams, security drivers, and other hallmarks of executive protection (EP) abound. While the instinct to act quickly is natural, reacting without a clear strategy risk compounding vulnerabilities and wasting resources. Instead, organizations must approach this moment with focus and care, adopting a risk-based methodology to assess and enhance their executive protection frameworks.

    The following five-step process offers a structured and practical framework for evaluating and strengthening EP programs. This approach ensures that corporate leaders can address vulnerabilities effectively without succumbing to fear or overreaction.

    Step 1: Mapping the Threat Landscape

    An effective executive protection strategy begins with clearly understanding the current threat landscape. This step identifies and analyzes potential risks, enabling organizations to tailor their security measures appropriately. Consider the following elements:

    • Geography: Analyze locations where executives live, work, and travel. Identify high-risk areas due to crime, political instability, or other factors.
    • Profiles: Assess the public visibility and industry-specific threats executives may face. Personal vulnerabilities, such as controversial affiliations or public roles, must also be considered.
    • Historical Incidents: Review any previous threats or attacks targeting your organization, industry, or executives. Patterns of behavior can often illuminate emerging risks.

    Engage stakeholders, including security teams, risk management personnel, and executives, to build a collaborative and thorough evaluation. This holistic approach lays the groundwork for an effective EP program.

    Incorporating an Independent Security Study (ISS) or an IRS 132 Assessment can provide invaluable insights at this stage. Unlike the tactical threat assessments conducted daily by the EP team, an ISS offers a broader, long-term perspective. It evaluates systemic vulnerabilities, industry trends, and blind spots, giving organizations a comprehensive view of risks that might otherwise go unnoticed. This analysis ensures a well-rounded risk assessment process. An added benefit to a 132 assessment is that the value of the protective services provided to executives can be excluded from taxable income if the company implements the suggestions from the independent evaluation in response to “bona fide business-oriented security concerns.”

    Engage stakeholders, including security teams, risk management personnel, and executives, to build a collaborative and thorough evaluation. This holistic approach lays the groundwork for an effective EP program.

    Step 2: Measuring Readiness: Evaluating Your EP Program’s Current State

    With risks identified, it’s critical to assess how well your existing EP framework aligns with these threats. This involves a detailed review of current policies, practices, and resources:

    • Policies and Procedures: Examine whether policies are up-to-date, clearly documented, and actionable. Gaps in procedural clarity can leave organizations vulnerable during crises.
    • Personnel: Assess the skills, training, and readiness of your EP team. Are they adequately equipped to handle the identified threats?
    • Technology and Resources: Evaluate the sufficiency of surveillance systems, communication tools, and access controls. Technology should be modern, effective, and well-integrated.
    • Integration: Ensure the EP program works cohesively with other departments such as HR, legal, and corporate communications. Cross-departmental collaboration is essential for a unified response to threats.

    An independent maturity assessment can be highly valuable at this point. It evaluates the readiness of the EP team to fulfill its responsibilities, identifying strengths and gaps in the program’s current capacity to address identified risks effectively. It can be additionally helpful in understanding how your program measures up against industry standards to provide leadership with insight into how EP programs are being managed and executed.

    Step 3: Focus Where It Counts: Prioritizing Risks in EP Programs

    Not all risks demand equal attention, and attempting to address every potential threat can overwhelm teams and budgets. A risk-based methodology allows organizations to focus their efforts where they matter most:

    • Risk Ranking: Categorize threats by their likelihood and potential impact. High-impact, high-likelihood risks should take precedence.
    • Mission-Critical Gaps: Identify gaps that pose immediate risks to executive safety and prioritize addressing these vulnerabilities.
    • Resource Allocation: Align personnel, budget, and technology investments with prioritized risks to ensure resources are used efficiently.

    The insights from an ISS can significantly enhance this process by providing a strategic view of risks and enabling informed decision-making about resource allocation.

    Step 4: Strengthening Skills: Training as the Backbone of EP Programs

    Training is the backbone of any EP program. Without well-prepared personnel, even the best strategies and resources fall short. Organizations should prioritize the development and refinement of their training programs to:

    • Skill Development: Equip EP teams with advanced skills to address evolving threats, including de-escalation techniques and emergency response protocols.
    • Policy Alignment: Ensure training programs align closely with organizational policies and industry best practices.
    • Confidence Building: Regular training boosts the confidence of both security teams and executives, reinforcing trust in the program.

    External training programs can be particularly valuable in aligning team operations with best practices. Accredited programs ensure that the team operates from a consistent playbook and validates their skills and preparedness. Scenario-based exercises and certifications from reputable organizations like the International Association of Directors of Law Enforcement Standards and Training are excellent ways to maintain high standards.

    Step 5: Staying Ahead: Continuous Improvement in EP Programs

    Executive protection is not a static endeavor. Continuous monitoring and improvement are essential to keep pace with an ever-changing threat landscape. Implement mechanisms to:

    • Review and Update Risk Assessments: Regularly revisit risk analyses to address emerging threats and adjust strategies accordingly.
    • Feedback Loops: Create channels for receiving feedback from executives and EP teams to identify strengths and weaknesses.
    • Benchmarking: Compare your program against industry standards and evolving best practices to ensure it remains effective and relevant.

    In an era of growing uncertainty and shifting sentiment toward corporations, the stakes for executive protection (EP) have never been higher. Navigating these challenges demands experience, adaptability, and a strategic approach that goes beyond the status quo.

    The recent tragedy in New York City underscores the importance of well-designed and thoughtfully executed executive protection programs. By following these five steps, organizations can evaluate their current state, address critical vulnerabilities, and build a resilient, effective framework for executive security. Whether undertaken independently or with the guidance of professional services, this approach ensures that actions are deliberate, impactful, and sustainable—providing peace of mind for executives and their teams alike.

    About the Author

    Robert L. Oatman, CPP, INCI, IICI | President of R.L. Oatman & Associates

    Robert L. Oatman, CPP, INCI, IICI is the President of R.L. Oatman & Associates, Inc., one of the preeminent executive protection providers in the United States. His firm has provided Executive Protection risk assessments, consultation, operations, and training worldwide since 1989. The firm specializes in developing detailed protection plans for the top executives of Fortune 500 companies and private families. In addition, the firm operates an Executive Protection training school near its headquarters in Fallston, Maryland.

    In 2019, Mr. Oatman and his team of instructors and senior staff developed a working relationship with IADLEST – International Association of Law Enforcement Standards and Training. Following strict protocols and months of documentation and review of our training materials, including the four books authored by Robert L. Oatman, we were granted National Certification for our 3-Day Fundamentals of Dignitary and Executive Protection and our 7-Day Advanced Dignitary and Executive Protection Training Programs. Mr. Oatman is also a nationally certified instructor through IADLEST and a long-standing American Society of Industrial Security (ASIS) member. He has earned his Certified Protection Professional (CPP) certification from ASIS. Since 1998, when Mr. Oatman developed the first 2-Day Executive Protection Program for ASIS, he has traveled domestically and internationally to present this 2-day program for ASIS twice yearly. 

     

    About the Author

    Michael Gips, JD, CPP, CSyP, CAE | Contributing writer at Swiftlane

    Michael Gips, JD, CPP, CSyP, CAE has written almost 1,000 articles and columns on virtually every topic in security. He is currently the Managing Director of ESRM for Kroll and the principal of Global Insights in Professional Security, LLC. This firm helps security providers develop cutting-edge content, assert thought leadership, and heighten brand awareness in a crowded marketplace. Gips is an occasional contributor to SecurityInfoWatch.com and Security Technology Executive magazine.