A significant shift is taking place in how protection teams execute the government’s physical security mission today, requiring a new perspective on how human lives are protected in a threat landscape with no perimeter.
Force protection teams, executive protection units, secret service officers, and others serving in a personnel protection capacity for the government have traditionally been characterized as door-kickers, those ready and willing to take a bullet out of service and duty to their leader and country. They are, in fact, trained from a law enforcement perspective, ready to identify a potential sniper operating from a tenth floor or ready to transition tactics when a peaceful protest turns violent.
But today, threats are emerging in the cyber landscape as well. When threats such as impersonations, doxxing, and cyber stalking are planned and executed outside the boundaries of any physical location, the approach to executive protection must change.
The Evolving Physical Security Incident
Traditionally, for any given physical perimeter, i.e. a concert stadium, parade route, or events like Independence Day on the National Mall, there have been limited access points (and limited exposure) for force protection teams to secure. While some events are more populated than others, for the most part, protection teams have been able to rely upon existing protocols, practices, and policies to do their job.
Over the last two decades, and particularly as US presidential administrations started to lean more heavily on social media as a source of engaging with the public, the role of physical protection has vastly and rapidly changed. Government agencies and their high-value leaders now give away more information in the social media age than ever before, often putting themselves at substantial risk, both physical and cyber.
Even if sensitive information such as home addresses or executive travel plans are protected within the agency walls, that does not mean that same sensitive information is well-protected online. For example, homes of Supreme Court Justices and conference speaker schedules located on Google, are often used to expose and endanger agency personnel and their families.
Today’s Physical Threat Landscape
With the expansive reach of social media and the world’s reliance upon it, there is no longer a defined physical space with a defined perimeter to monitor. There is no certainty in determining the source of a threat, and there is no single, reliable way to translate the intent of an angry citizen looking to blow off steam vs. someone who intends to destroy the lives of innocent victims. While malicious intent and tactics remain the same, social media is now a force multiplier for the expression of that intent and the power to execute on it.
Recent incidents, such as the murder of a federal judge’s son at his private residence, reinforce the need for a new approach. According to NPR, a 72-year old lawyer shot and killed the son of Federal Judge Esther Salas on the steps of her home. A publication of the shooter’s manifesto in which he “railed about discrimination against men” was later discovered online. This tragic situation at least drove immediate action at the Congressional level. Legislation was introduced to include a “significant increase in technological expertise” at the U.S. Marshals Service and to bar disclosure of PII data for federal judges and their families.
According to a press release issued by New York Attorney General Letitia James, the shooter who killed 10 people and wounded three in the recent Buffalo supermarket incident “posted online for months about his hatred for specific groups.” The postings outlined how he planned to carry out the attack, including a 180-page manifesto about his bigoted views.
“The terror attack in Buffalo has once again revealed the depths and danger of the online forums that spread and promote hate,” said Attorney General James. Again, as a result of this horrible situation, positive action was taken immediately. In response to the incident, James launched an investigation “into the social media companies and other online resources that the shooter used to discuss and amplify his intentions and acts to carry out this attack.” Policy and regulation that involve the social platforms is one part of solving this complex security challenge.
The Funding and Policy Gap
Funding and policy must keep pace with technology in order for the government’s executive protection mission to evolve. Currently, neither sufficient funding nor adequate policies exist.
Finding skilled personnel with the technical expertise to identify and avert threats online requires different sources of funding and operational considerations than the funding of other standard protective measures. And, while there are clear-cut policies in place for physically protecting a government leader, there is very little direction for identifying and reacting to threats that emanate from the digital sphere.
Start Making the Shift
How can federal executive teams begin to make the shift necessary to achieve today’s mission? First, you need to ensure that your executive protection program includes the following:
- Monitoring and detection for threats such as impersonations, stolen credentials, and others across social media, surface web, and Deep and Dark Web
- High-fidelity alerts for physical threats and disruptive events that pose a risk to key executives and their families
- Reputation protection to safeguard citizen engagement
- Executive threat intelligence, reporting, and assessments
- Takedown capabilities for removing fraudulent profiles and offending content
- Ongoing monitoring and removal of personal information from data broker websites
Next, you will need to build a comprehensive executive protection strategy that makes sense for your team or agency. The following key steps can help get you started.
Step 1: Map Out Who to Protect
Step 2: Deploy Automation and AI
Step 3: Extend Visibility and Analysis with Human Intelligence
Step 4: Reduce Vulnerabilities through Proactive Measures
Step 5: Empower Executives through Education
Achieving the Mission with ZeroFox
Even the best executive protection programs can fail due to not having enough digital protection personnel. Specifically in the federal government, there is simply not enough manpower dedicated to digital protection duty, and trusting government personnel to fully protect themselves is not setting a realistic expectation. The benefit of automating some of these functions can amount to millions of dollars in cost savings.
Fortunately, companies such as ZeroFox are standing in the gap. Combined with a strong executive protection program, ZeroFox’s artificial intelligence-based platform helps agencies protect leaders by rapidly identifying cyber and physical risks across social media and the full range of digital platforms.
ZeroFox offers a unique solution that continuously monitors for fake accounts and takes immediate action to remove them before they can do damage. It also monitors an agency’s protected peoples’ public accounts to avoid inadvertent sharing of credentials, IP, or citizen data and enables the configuration of automated alert rules and policies specific to your organization’s needs. This is done all while monitoring malicious marketplaces and hacker forums (on the Dark Web and elsewhere) for potential exposures and sale of passwords, credentials, or attack chatter.
From account hacking and impersonations to cybercrime, data loss, credential theft, and more, it is ZeroFox’s goal to provide protection from the threats that are introduced by external networks and channels. For more information on ZeroFox Executive Protection solutions for federal agencies, request a demo with one of our experts.