Unconventional Security for Unconventional Clients

Unconventional Security for Unconventional Clients
January 22, 2021 SDC Development 2

Unconventional Security for Unconventional Clients

By TorchStone VP, Scott Stewart

Unconventional Security for Unconventional Clients

“Old money” families have had generations to learn about the dangers associated with vast wealth and the security measures required to protect against those threats. Kidnappers, swindlers, scammers, and burglars have targeted the members of these families for decades, helping to reinforce the reality of security as a necessity. Kidnappings, murders, and assaults have also taught major corporations the importance of protecting high-profile company leadership.

The new generation of wealthy tech entrepreneurs benefited from the experience of their corporate and/or old-money board members and venture capital partners to understand the need for security. These advisors encouraged tech entrepreneurs to establish professional security teams to help protect both their companies and families.

But in recent years, we have seen a new wave of “unconventional” wealthy people who are often self-made and do not have links to security-conscious corporate board members or venture capitalists.   In many cases, these people have made their fortunes in non-traditional industries such as legal cannabis or bitcoin investing. Sometimes they are merely unaware of the threats they face and how those threats drive the need for security. In other cases, because of their unconventional backgrounds and young ages, they are suspicious of the government and corporate types.  This suspicion can result in them being ambivalent, or even hostile, to establishing a security program.

This combination of massive wealth and minimal security often results in these unconventional types becoming prime targets for criminals. There have been several cases in which cryptocurrency dealers and exchange owners have been victimized by those seeking to steal their anonymous and difficult to trace wealth. For example, in Nov. 2017, a New York-based entrepreneur was kidnapped at gunpoint and forced to provide his captors with the password to his digital cryptocurrency wallet. The criminals then used the password to transfer $1.8 million out of the victim’s account.

Cannabis entrepreneurs have also been targeted. During the early morning hours of Oct. 1, 2019, three armed men broke into the Santa Cruz, CA oceanfront home of Tushar Atre, the CEO and founder of the cannabis company Interstitial Systems.  The men threatened and restrained Atre and his girlfriend and then left the home with Atre, taking him away in the girlfriend’s vehicle. They took him to a company warehouse in the Santa Cruz mountains and forced him to open it. Atre’s body was found later that morning—he had been shot dead. Four men, including two employees, were arrested in May 2020 and charged with Atre’s murder. This was thus an inside crime of opportunity, as the employees charged must have had firsthand knowledge of Atre’s lack of security.

But not all cases involve cryptocurrency or cannabis. On July 13, 2020, software entrepreneur Fahim Saleh was stabbed to death and dismembered in his Manhattan penthouse apartment by an employee who had embezzled tens of thousands of dollars from the self-made millionaire. Saleh is another cautionary example of a high-net-worth individual who did not have a security program in place to help protect him from threats.

When Conventional Security Doesn’t Fit

It is not entirely surprising that people such as Saleh and Atre did not have security. Neither was a household name or a high-profile business celebrity like Jeff Bezos or Elon Musk. They were not the focus of intense media attention and likely did not consider themselves potential targets for criminals. Furthermore, the thought of having a traditional government-style protective detail is simply not appealing for many people—especially those who are relatively young with active lifestyles. Security is often considered constricting and rigid, an encumbrance that makes it difficult to live life to the fullest. There is certainly some truth to this perception, especially for those protected by a high threat detail like a U.S. President or an ambassador in a war zone. However, for most people, even those of significant means, a tailored security program can be put in place that is neither constricting nor burdensome.

Let’s examine some of the elements of a proactive and unconventional security program that can be tailored for an unconventional client.

Baseline Assessments

Before any meaningful security program can be designed or implemented, it is necessary to conduct baseline assessments of who is being protected and what threats they need to be protected against. One useful tool to help get a baseline understanding of the person to be protected is a public profile assessment. A public profile assessment is conducted by a thorough search of publicly available information pertaining to the subject. This information is then organized and analyzed to identify any damaging or negative information about the subject. The public profile assessment also serves as a way to document exactly what information is publicly available on the subject—information that can be used by a threat actor planning to target the principle. Almost as important, the public profile assessment also highlights what key information is not publicly available, ensuring it can continue to be protected.  The assessment also allows security teams to be alert to efforts by threat actors to gather that information via other means such as physical surveillance.

The public profile assessment also helps inform the baseline threat assessment by assessing the subject’s prominence and profile, identifying overt or implied threats against the subject, as well as identifying any existing or potential business or personal controversies, reputational risks, or negative comments or sentiments on social media. The baseline threat assessment will also consider any controversy surrounding the subject’s company or industry and the history of security incidents, including documented threats against company executives or the receipt of unsolicited letters or calls expressing a grievance. Finally, the baseline threat assessment will also consider geographic locations where the subject and company operate, along with economic, political, and geopolitical factors that could result in a higher threat level.

Protective Intelligence-Driven Security

A security program can be designed based upon the threat assessment to provide the subject with the appropriate level of protection. It is worth pointing out that the threat assessment is not static, and the threat level and corresponding need for security can change depending on events or location. For example, a direct threat may be made against the subject, or the subject could visit a location that is more dangerous and requires a higher security posture.  That said, in most cases, the threat level will not be significant enough to warrant a heavy “government style” protective detail. But the absence of a heavy protective detail does not mean that the subject does not have any security. There are many tools that can be used to provide a much lighter security footprint.

Many of these tools fall under the umbrella of a protective intelligence program. In a nutshell, protective intelligence is a collection of processes that are designed to forecast, identify, and assess threats, and to then implement appropriate security measures to avoid, deter or mitigate those threats.

Protective intelligence is based on the precept that threats, whether from internal or external actors, don’t just appear out of a vacuum. Hostile actions are the result of processes such as the attack cycle and the pathway to violence, and actions associated with those processes can be spotted, and security measures implemented to interrupt them.

Surveillance is one of the places during the attack cycle when an attacker becomes most vulnerable to detection. Because of this, surveillance detection or countersurveillance teams are important protective intelligence tools. There have been numerous examples of hostile actors who have decided not to conduct an attack against a specific target because they were uncomfortable while attempting to conduct surveillance of that target. In most cases, they then moved on to a target they considered softer or easier to surveil and attack. Placing a bubble of personnel around the principal’s home and office to look for and deter surveillance is one way to make the principal a harder target without the need for close protection officers.

While countersurveillance efforts are valuable, they can’t operate in a vacuum. They need to be part of a larger protective intelligence program that includes analytical and investigative functions and includes an insider threat program.

Other Security Tools

There are also a number of other security tools that can help protect the principal without close protection. Establishing a sound corporate security program that can, among other things, ensure corporate facilities have appropriate access control measures, visitor and package screening, hiring and termination policies, etc., will go a long way toward protecting the principal. The corporate security program can also help ensure that the principal has an appropriate level of residential security, as well as appropriate security while traveling. All these security measures can be implemented with little impact on the principal’s lifestyle.

TorchStone Global’s staff of world-class executive protection and protective intelligence specialists can help establish and maintain an effective unconventional security program for even the most unconventional clients.