From Exposure to Action: Strengthening Executive Security in a Digital Age
It’s 2025, and we here at 221B believe there is no better way to kick off the New Year (and celebrate Data Privacy Day!) than with a critical look at one’s online exposure. Now more than ever, executives, high-net-worth individuals and the security teams that protect them are reviewing their risk profiles by determining what personally identifiable information (PII) is out there that could be used to harm them or their associates physically, financially and/or reputationally, particularly in light of the targeted killing of UnitedHealthcare’s former CEO Brian Thompson just last month.
To create an appropriate security strategy for the year ahead that is tailored to the specific risks and challenges facing a particular executive or high-net-worth individual, it will be imperative to understand the individual’s online exposure, including any PII that has been breached or exposed as well as any direct threats or adverse chatter targeting them. Once these risks are identified, executives and security teams can begin mitigating against them and better managing their security posture.
Identify exposed personal information
An initial step to help understand the risks facing an executive or other high-net-worth individual is to conduct a sweeping audit of their PII that has been exposed online through surface web and deep and dark web sources. This could range from a social media post that reveals one’s date of birth to a home address that is easily identifiable through an open-source data aggregator (see Truepeoplesearch.com as just one example) to a Social Security number that was exposed in a data breach and subsequently shared on the dark web. Understanding the types of data points that have been exposed about an executive can better help target security efforts and may even merit attempts to remove said information from certain sources to reduce an executive’s risk level.
This can also include a review of the online activity of an executive’s immediate family members and/or close associates to understand any implications they may have on the executive’s overall security posture. These audits can also include a review of publicly available information regarding private or corporate aircraft or a private yacht, whose locations and travel routes can often be tracked through open-source databases. Executives may request to have these removed from such sites to mitigate against future targeting from threat actors when traveling.
Below are just a few types of information we’ve found online during these exposure audits, which posed a significant risk to our clients:
Fake social media profiles created in the executive’s name and likeness, posting inappropriate content
Current credit card and bank account information for the executive or their spouse that had been hacked and shared on the dark web
Designs and blueprints for a client’s yacht that showed its innerworkings, mechanical functions, speed capabilities, etc.
The location of an executive’s teenaged child who was publicly geo-tagging or otherwise broadcasting their location in real time
Identify direct threats and conduct sentiment analysis
The second element of an online exposure audit is to identify any direct threats made against a subject online through targeted research of social media or other online forums or chat rooms, as well as to understand the general sentiment toward an executive and/or their company and overall industry. Depending on the volume and severity of threats or general content identified, additional research on specific threat actors or groups may be merited to understand how high of a risk they pose.
The results of this initial review of online content and threats can also help determine whether ongoing social media monitoring is recommended to ensure security teams remain aware of any future threats or adverse sentiment toward an executive and are able to respond quickly and effectively without being caught off guard. We’ve had clients who have been the target of ongoing, persistent threats online due not only to their status as public figures or high-net-worth executives, but also due to their political views and activity, their race, ethnicity and religion, and the industry in which they work. These include threats like:
“Somebody should Luigi that motherfucker” referring to our client (in reference to the UnitedHealthcare shooting suspect, Luigi Mangione)
“[Subject’s name] I’M COMING TO YOUR HOUSE TO KILL YOU”
Doxxing of a subject’s home residence
Content encouraging stochastic violence/terrorism or attempts to encourage others to commit violence
Implement targeted recommendations to mitigate against future risk
The purpose of an online exposure audit is not only to identify what information and threats are or may be out there, but also what one can do about it. Once a subject’s online risk profile is better understood, security teams and associates can begin implementing targeted recommendations to strengthen the subject’s overall security posture going forward. Based on what we’ve identified during our audits, 221B has worked closely with clients to implement increased privacy settings on social media profiles, get fake profiles taken down from platforms, remove information such as home addresses from open source data aggregators, and ensure clients have updated their credit card or bank account information, should that have previously been exposed in a data breach. In serious cases we have also worked with executive protection resources and law enforcement partners to help ensure the safety of subjects, their families and employees.
While the recommendations will look different depending on a subject’s profile and risk level, we can’t emphasize enough the importance of understanding the information that is out there, and how it could potentially be used against a subject to violate their privacy, or worse, their safety and the safety of those around them. Conducting an online exposure audit is just one proactive step executives can take to better tailor their security strategies and plans for the year ahead.