NEW YORK (AP) — He’s one of the most famous corporate leaders in the world, delivering products embraced by billions. But it’s the haters that companies like Mark Zuckerberg’s Meta worry about.
In an era when online anger and social tensions are increasingly directed at the businesses consumers count on, Meta last year spent $24.4 million on guards, alarms and other measures to keep Zuckerberg and the company’s former chief operating officer safe.
Some high-profile CEOs surround themselves with security. But the fatal shooting this week of UnitedHealthcare CEO Brian Thompson while he walked alone on a New York City sidewalk has put a spotlight on the widely varied approaches companies take in protecting their leaders against threats.
Thompson had no personal security and appeared unaware of the shooter lurking before he was gunned down.
And today’s political, economic and technological climate is only going to make the job of evaluating threats against executives and taking action to protect them even more difficult, experts say.
“We are better today at collecting signals. I’m not sure we’re any better at making sense of the signals we collect,” says Fred Burton of Ontic, a provider of threat management software for companies.
After Thompson’s shooting, Burton said, “I’ve been on the phone all day with some organizations asking for consultation, saying, ’Am I doing enough?”
Since the killing, some health insurers have taken steps to safeguard their executives and rank-and-file workers.
Medica, a Minnesota-based nonprofit health care firm, said Friday it is temporarily closing its six offices for security reasons and will have its employees work from home.
“Although we have received no specific threats related to our campuses, our office buildings will be temporarily closed out of an abundance of caution,” the company said in a statement.
A Medica spokesman said the company had also removed biographical information about its executives from its website as a precaution.
UnitedHealth Group, parent of the insurer Thompson led, removed photos of its top executives from its website hours after the shooting, later removing their names and biographies.
But well before the attack, some of the biggest U.S. companies, particularly those in the tech sector, were spending heavily on personal and residential security for their top executives.
Meta, whose businesses include Facebook and Instagram, reported the highest spending on personal security for top executives last year, filings culled by research firm Equilar show.
Zuckerberg “is synonymous with Meta and, as a result, negative sentiment regarding our company is directly associated with, and often transferred to, Mr. Zuckerberg,” the Menlo Park, California, company explained earlier this year in an annual shareholder disclosure.
At Apple, the world’s largest tech company by stock valuation, CEO Tim Cook was tormented by a stalker who sent him sexually provocative emails and even showed up outside his Silicon Valley home at one point before the company’s security team successfully took legal action against her in 2022.
Cook is regularly accompanied by security personnel when he appears in public. Still, the company’s $820,000 allotted last year to protect top executives is a fraction of what other tech giants spent for CEO security.
Just over a quarter of the companies in the Fortune 500 reported spending money to protect their CEOs and other top executives. Of those that did, the median payment for personal security doubled over the last three years to about $98,000.
In many companies, investor meetings like the one UnitedHealthcare’s Thompson was walking to when he was shot are viewed as very risky because details on the location and who will be speaking are highly publicized.
“It gives people an opportunity to arrive well in advance and take a look at the room, take a look at how people would probably come and go out of a location,” said Dave Komendat, president of DSKomendat Risk Management Services, which is based in the greater Seattle area.
Some firms respond by beefing up security. For example, tech companies routinely require everyone attending a major event, such as Apple’s annual unveiling of the next iPhone or a shareholder meeting, to go through airport-style security checkpoints before entering.
Others forgo in-person meetings with shareholders. Government health insurance provider Centene Corp. joined that group Thursday, citing the UnitedHealthcare executive’s death in announcing that its upcoming Investor Day will be held online, rather than in-person as originally planned.
“But there are also company cultures that really frown on that and want their leaders to be accessible to people, accessible to shareholders, employees,” Komendat said.
Depending on the company, such an approach may make sense. Many top executives are little known to the public, operating in industries and locations that make them far less prone to public exposure and to threats.
“Determining the need for and appropriate level of an executive-level protection program is specific to each organization,” says David Johnston, vice president of asset protection and retail operations at the National Retail Federation. “These safeguards should also include the constant monitoring of potential threats and the ability to adapt to maintain the appropriate level of security and safety.”
Some organizations have a protective intelligence group that uses digital tools such as machine learning or artificial intelligence to comb through online comments to detect threats not only on social media platforms such as X but also on the dark web, says Komendat. They look for what’s being said about the company, its employees and its leadership to uncover risks.
“There are always threats directed towards senior leaders at companies. Many of them are not credible,” Komendat said. “The question always is trying to determine what is a real threat versus what is someone just venting with no intent to take any additional action.”
Burton, a former special agent with the U.S. Diplomatic Security Service, points out that despite the current climate, there is little in the way of organized groups that target companies.
Today, one of the primary worries are loners whose rantings online are fed by others who are like-minded. It’s up to corporate security analysts to zero in on such dialogue and decide whether or not it represents a real threat.
And CEOs aren’t the only targets of disgruntled customers. In the U.S., there were 525 workplace fatalities due to assault in 2022, according to the National Safety Council. Industries including healthcare, education and service providers are more prone to violence than others, and taxi drivers are more than 20 times more likely to be murdered on the job than other workers, the group said.
But the ambush of UnitedHealthcare’s Thompson this week is bound to get some CEOs second-guessing.
“What invariably happen at moments like this in time is you will get additional ears listening” to security professionals seeking money to beef up executive protection, Burton says.
“Because I can guarantee you there’s not a CEO in America who’s not aware of this incident.”
Associated Press writers Anne D’Innocenzio and Haleluya Hadero in New York and Jim Salter in St. Louis contributed.
