Today’s leaders are more exposed than ever before, due to constant digital connectivity and public visibility. This new era brings complex risks that go far beyond traditional physical security. Successful executive protection now requires a strategy that addresses both digital and physical threats, often occurring at the same time. 

Recent high-profile incidents highlight the rising challenges. Organizations have a duty of care to protect their leaders, but is your executive protection program keeping pace with increasing risks? A new study undertaken by ASIS International and Everbridge uncovers critical gaps and opportunities, and this post explores how the threat landscape is evolving, what challenges organizations face, and the key strategies to build a robust protection program. 

Executive protection in a shifting threat environment 

Executive protection has surged up the agenda. According to the new study, 42% of security professionals report a significant increase in focus on executive protection in just the past 18 months, a clear response to a rapidly growing and evolving threat landscape. 

Two major drivers are fueling this urgency: 

• Rising public threats (72%): Social media and online forums amplify dissent and anger, often breeding direct threats against executives. 
• High-profile incidents (69%): Events such as the assassination of a prominent CEO in 2024 have put executive risk on center stage for boards and security leaders. 

The lesson is clear: executive visibility, including digital presence and company communications, increases vulnerability. Threats are now global, persistent, and often initiated online. 

The modern threat: where digital meets physical 

Threats today arise from the intersection of online and offline worlds, creating complex scenarios that traditional security alone cannot address. 

Physical threats enhanced by technology 

Traditional kidnapping and assault scenarios have evolved. Attackers use digital tools to plan incidents, analyze public routines, and bypass conventional security. Publicly shared information makes executives’ movements predictable, while personal tech can compromise safety almost anywhere. 

Escalating cybersecurity threats 

Cyberattacks against executives are more frequent and sophisticated. Deepfake technology, for example, can create fake video calls and social media content nearly indistinguishable from reality. One organization lost $25.6 million in 2024 when a finance employee joined a deepfake video call with “colleagues.” Online intimidation and digital surveillance are now common precursors to real-world attacks. 

Challenges holding back executive protection 

As risks mount, many organizations struggle to implement effective protection programs. The recent ASIS and Everbridge research spotlights disconnections between awareness, funding, and action. 

Budget and executive buy-in 

Budget limitations (58%) are the largest barrier, followed by executive non-compliance (47%). These challenges reinforce one another: without executive support, security programs lack funding; without resources, their value remains unproven. For programs to succeed, security must be framed as a business enabler, key to continuity, reputation, and leadership confidence, not as a mere checkbox. 

Gaps between awareness and action 

According to the ASIS and Everbridge research, there are stark differences between how important security professionals rate various practices and their ability to implement them: 

• Online threat monitoring: 65% say it’s critical; only 51% feel equipped to do it well. 
• Protecting digital assets & secure communications: 57% rate it highly; just 42% feel capable. 
• Behavioral threat profiling: 48% see it as important; only 33% have solid capabilities. 

These gaps reveal that while digital risks are widely recognized, many organizations aren’t yet equipped to manage them effectively. 

Key strategies for modern executive protection 

To address these challenges, organizations must modernize their approaches, merging analysis, technology, and people. 

Integration of digital and physical security 

Threats originating online can escalate rapidly into the physical world. Effective executive protection uses open-source intelligence (OSINT) and social media monitoring not just to track sentiment, but to identify specific, actionable threats. The study found that while OSINT is widely used (82%), most organizations lack the tools for real-time analysis or behavioral threat detection. Investing in these technologies makes it possible to move from reactive to proactive risk management. 

Proactive travel risk management 

Executive travel is still a top exposure. Yet many companies take a piecemeal approach: 

• 18% rarely or never assess travel risks in advance. 
• 25% don’t offer pre-travel safety briefings. 
• 30% only monitor intelligence after a known threat arises. 

This reactive stance leaves executives vulnerable. Best practices demand pre-trip risk assessments for every journey, thorough briefings, and ongoing monitoring, not just after a threat emerges. 

Governance and training 

High-level support is essential. Board oversight, adequate resources, and executive participation in security planning are crucial, not just for physical threats but as part of broader cybersecurity compliance. New SEC rules underline the need for C-suite involvement. 

Yet training often lags. While situational awareness training is common, scenario-based exercises are rare, despite being invaluable for testing protocols. Fewer than half of organizations offer executives training in emergency procedures, IT security, or even self-defense, leaving many leaders unprepared for new-age threats. 

Building a culture of security 

Technology is only half the battle. Fostering a culture where leaders understand risks, model best practices, and cooperate with security staff is vital. Security teams should track incidents and measure the effectiveness of their programs, using data to make the business case for ongoing investment. 

The path forward: resilient, data-driven protection

To secure buy-in and resources, security leaders must present protection as a strategic investment and support this with measurable results. Yet, according to the ASIS and Everbridge study, more than a third of organizations lack any formal evaluation process for executive protection. 

By implementing clear KPIs, tracking incidents, and analyzing outcomes, organizations can demonstrate value, adjust tactics, and ensure constant improvement. 

As the threat landscape grows more complex, protecting today’s high-profile leaders demands an integrated, data-driven approach. Digital and physical security must operate in tandem, powered by proactive intelligence, solid processes, board support, and comprehensive training. 

Is your protection program evolving with the times? To benchmark your organization or learn how to strengthen executive protection, download the full Executive Threat Environment Report. 

Want deeper insights and practical advice? Watch our on-demand webinar, Executive Protection in a Volatile World, and gain strategies directly from leading experts. 

Discover how Ameren leverages Everbridge to stay resilient during Midwest weather disruptions and ensure regulatory compliance for nuclear facilities. From location-based notifications with maps to customizable forms for external stakeholders, Everbridge transforms how Ameren handles critical events.

[00:11.4]
Everbridge has changed the way my team responds to disruptions and critical events in a variety of ways. One way I can think of is, we tend to have bad weather in the Midwest. Inclement weather, whether it’s like, tornado season, whether it’s fire season, or even in the winter.

[00:31.5]
It always kind of poses, challenges operationally and also just for coworkers trying to get to their work center.

[00:44.9]
One thing that happened this winter was that there was a massive, snow and ice storm and business segments were scrambling, trying to figure out who was going to be able to be remote, who was going to be able to work where. And Everbridge really came in key there because there’s a really nice function, with their incidents and notifications that allows you to kind of create an ad hoc HTML, little web page.

[01:08.8]
And that page you can actually add valuable, visual information like maps. So we were able to utilize this function and send texts to key, employees at specific locations, because Everbridge also allows you to put in specific location information for employees.

[01:27.2]
So we were able to target the employees who work at specific places and then send them key information just pertinent to them so they knew, where was safe to drive and where wasn’t, and it also kind of helps other employees know, okay, if we sent you a certain message, you don’t report to work.

[01:44.9]
But if we sent you this message with maps and information, then you know exactly how to get to work and exactly where to park and where the safe spots are.

[01:57.5]
The one way Everbridge has helped my organization stay resilient is just how customizable it is to situations that might happen to differt business segments. One such time is we support, nuclear facilities, and one of the nuclear facilities needed to find a way to send customizable information to external stakeholders that needed to be received in a very specific amount of time and acknowledged in order to maintain, regulatory compliance with their governing body.

[02:32.3]
So through Everbridge we were able to engage some professional services and build out really, really complex forms that had various ways to input information. So they were like dropdown toggles. There was a place for manual input, and it was great because it allowed them to achieve the level of granularity that was necessary.

[02:53.8]
And then send that to external stakeholders who were simply able, type like yes, or whatever they needed, to respond within the allotted time. This was vastly different than the system that they were using before, in the best possible way. We could see that data visualized exactly when people responded, who responded.

[03:13.1]
And we had the flexibility to send it to, specific people within an organization. So it was just incredible. The nuclear team is using it and they’re loving it. And we are constantly in conversations about how we can further expand.

[00:07.0]
In health care, which is my industry. We have a lot of different use cases for the use of Everbridge, because we not only have to protect our 30,000+ employees, but also our daily inpatient count of three to 4,000 patients, and all of the people who come to all of our health care locations.

[00:29.3]
So we need to not only be able to dispatch or, respond to power outages, or floods, and things like that, but we also respond to medical emergencies within the hospital. And Everbridge has really helped us do that, and be able to send timely messaging out, to respond to cardiac arrests, patients who are having strokes or having significant medical emergencies in the hospital.

[00:59.5]
When we first started as a network, which was in 2016, it was truly like the Wild West. Everybody kind of did their own thing, and hospitals are very noisy places to begin with, and we would, send messages over intercoms and things like that hundreds of times a day.

[01:21.1]
Everbridge has allowed us to do a lot of that dispatching, and a lot of that response to emergencies, without having to make overhead announcements as much. So it leads to a much better, healing process in the hospital, because the hospital is now quieter, because we’ve moved most of our critical communications over to using Everbridge.

[01:49.4]
So last year, something that doesn’t happen in New Jersey very often, we had an earthquake that was upwards of 3 to 4 on the Richter scale. Doesn’t happen. So there was a lot of, uneasiness amongst our team members, and Everbridge allowed us to respond to that by sending out multitudes of messages.

[02:15.5]
We sent damage assessments to all our facilities teams. We have 18 hospitals, 600 locations, so we have to be able to very quickly, assess any damage or anything like that. So we were able to do that. We sent Everbridge messages to all our ops teams at all our hospitals to see if there were other impacts to operations.

[02:37.6]
And then we actually were able to send to all 36,000 of our employees a tip on how to respond to the wake of an earthquake. So we were able to help them with that personal, response to the event.

[02:56.4]
So Everbridge was an integral part of that whole thing. Luckily, there wasn’t a lot of damage or, any damage really. But just being able to do that very quickly was pretty impressive.