The business world was left shaken after a chilling attempt to abduct the daughter and grandchild of a crypto executive in broad daylight in the centre of Paris earlier this month.
Just four months earlier, David Balland, co-founder of the crypto firm, Ledger, and his partner were kidnapped and held for ransom. And, in a separate incident late last year, Brian Thompson, CEO of UnitedHealth’s insurance division, was fatally shot while walking alone to a corporate event in midtown Manhattan.
Geopolitical tensions and the rise of social media have left businesses and high-profile executives more vulnerable to cyber threats and physical attacks. In response to these challenges, major companies are re-evaluating their safety protocols.
UnitedHealth’s shareholders‘ statement, filed in April, shows that the firm spent $1.7m (£1.2m) on corporate security in 2024, a line item it had never broken out before.
The threat landscape is clearly evolving, says Jake Coffman, global head of special protections at Aon, a global professional services firm. “Over the last 12 months, we’ve seen the upscaling of corporate executive protection and event security in the UK and overseas.”
This is in response to a new operating reality, Coffman says, defined by “hybrid threats” that do not stay contained within the traditional realms of cyber incidents, physical threats or activist campaigns. “Today, a grievance against a company working along a sensitive issue could start as an influence campaign to boycott, then evolve to doxxing of senior leaders, before targeted attacks or threats of violence. What makes hybrid threats so effective is that they exploit the inherent fragmented relationships between cyber, physical and brand management.”
Security spending on the rise
In the months following Thompson’s murder, several high-profile health insurance companies disclosed fresh or higher allocations for personal protection. CVS Health spent over $293,151 (£217,326) in 2024 on executive security, up from $44,148 (£32,729) in 2023. Elevance Health spent $129,600 (£96,078) on executive security in 2024, up from just $1,485 (£1,100) in 2023.
A study by Equilar, a compensation data platform, shows an uptick in the number of S&P 500 companies offering security perquisites as part of executive compensation packages. The analysis, which examined 208 companies that filed shareholders statements in April 2025, found that almost a third (31.3%) provided some type of security perk in 2024. This represents a 47.6% increase from 2021.
At the same time, average spending on security perquisites has more than doubled, from $43,068 (£31,928) in 2021 to $94,276 (£69,891) in 2024.
You don’t want the an executive’s son to show off to his mates about the security detail he’s got on speed dial
This trend is not confined to the healthcare industry. Car manufacturer, General Motors, has extended security cover to its president as well as its chief executive. Broadcom, a semiconductor business, spent $1.37m (£1.02m) on its CEO Hock Tan’s security in 2024. Meanwhile, Lockheed Martin, a defence company, increased spending from $149,069 (£110,530) in 2023 to $1.34m (£1m) in 2024, citing explicit threats received by leadership.
Taimur Ijlal, a senior security consultant at AWS, expects spending to continue climbing in 2025, signalling a “broad reset in board thinking.”
Heightened media visibility, activist scrutiny, regulatory probes and polarised customer bases each add to personal risk calculations. The threshold for providing cover is also expanding from the chief executive to other exposed officers and sometimes the board chair.
“Controversial brands are feeling the most pressure,” Ijlal says. “Companies that attract protectors and activist attacks, such as fossil‑fuel producers, social media platforms or large retailers, will remain at the top of the curve.”
Putting a price on safety
Executive security has become a complex and increasingly costly task. Managing and mitigating the costs involved begins with a structured threat assessment covering physical and digital channels.
According to Ijlal, variables include an executive’s public footprint, social media sentiment, travel pattern, office and event locations and any recent potential flash‑points such as layoffs or pricing moves. For multinationals, country‑level crime data, civil unrest indices and local regulation on armed personnel also drive location-specific spending.
“Many finance and healthcare companies now include protection against cyberstalking and doxxing in their security plans, which pushes budgets higher as it incorporates the cost of monitoring software and incident response retainers,” Iijal says.
A grievance against a company could start as a boycott then evolve to targeted attacks
Matthew Watson is a partner at law firm, RPC, and works with insurers on claims against directors and officers. These claims, he says, often have exclusions for bodily injury, meaning they don’t cover claims if a senior executive is physically harmed. But, with rising threats from civil unrest and unstable conditions, there may be growing pressure on insurers to expand coverage. “Given the inherent unpredictability of corporate security threats it is often necessary for insurers to provide 24-hour access to their advisory services to help their insureds manage a volatile situation.”
Executive teams have a duty to promote the success of the company. According to Watson, a failure by the board to obtain adequate protection insurance – resulting in physical harm or a weakening of the company’s financial standing – may mean that any disgruntled shareholders could look to pursue a claim to hold the decision-makers accountable for any financial harm caused to the company.
Boards that had resisted paying for dedicated security services are now weighing the reputational and litigation fallout of a preventable incident against the relatively contained cost of professional protection.
Security training can mitigate costs
Jaan Larner, a UK-based corporate partner at Keystone Law, says more clients are seeking to understand what security risks they are exposed to and how to mitigate them. This is also something he’s experienced first-hand: pro-Palestinian activists recently defaced Keystone’s offices with red paint in protest of its work for a client connected to Israel.
Protection against cyberstalking and doxxing pushes budgets higher
Larner, who is involved in drafting contracts between businesses and security providers, says a key legal concern for firms is ensuring the service is not treated casually by its employees. This means defining appropriate use in genuine threat scenarios and outlining consequences for unwarranted activation.
“What you don’t want is the son of an executive who’s part of the protective policy to show off to his mates in a bar about the security detail he’s got on speed dial. Misuse can lead to significant charges of up to £150,000 if the call-out is not deemed legitimate by the insurance company.”
To avoid unwanted costs, businesses should ensure they are providing security tips and training for employees, Larner says. “This might include advice on not taking the same route every day, vetting staff and ensuring the building is secure. Training can cover how to identify potential threats and how to protect oneself online.”
This comes as insurers are increasingly linking executive insurance costs to companies’ security programmes. Stronger security can therefore also lead to lower premiums and affect the overall budget model.
In the current landscape, executive security is moving from a discretionary perk to a core cost to be controlled. However, boards that treat it as an insurance deductible rather than an executive luxury will find the budgeting exercise both straightforward and defensible.
The business world was left shaken after a chilling attempt to abduct the daughter and grandchild of a crypto executive in broad daylight in the centre of Paris earlier this month.
Just four months earlier, David Balland, co-founder of the crypto firm, Ledger, and his partner were kidnapped and held for ransom. And, in a separate incident late last year, Brian Thompson, CEO of UnitedHealth’s insurance division, was fatally shot while walking alone to a corporate event in midtown Manhattan.
Geopolitical tensions and the rise of social media have left businesses and high-profile executives more vulnerable to cyber threats and physical attacks. In response to these challenges, major companies are re-evaluating their safety protocols.
