Skip to main content

Why Executive Privacy Belongs in Bank Security Strategy

Share

Banks spend heavily to protect networks, branches, offices, and customer data. Yet information about an executive’s private life can create another route toward the institution—one that may begin with a cell phone number, home address, family connection, or daily routine. 

In a recent ProSight webinar on connecting data security and physical security, Kelsi Strutton of Ironwall and workplace security consultant Felix Nater described how scattered personal details can be assembled into a “pattern of life” and used for doxing, swatting, phishing, coercion, or physical targeting. 

A few practical steps stand out: 

Look beyond the workplace. Executives may be well protected at the office while remaining exposed at home or in transit. Personal devices connected to home Wi-Fi, publicly available addresses, school information, and predictable routines can all expand the attack surface. Nater said organizations can explain it to their employees this way: “When you are exposed to risk, we’re exposed to risk.” 

Assess how information can be combined. A simple list of exposed data may not persuade an executive to go on defense. Strutton recommends showing how those details could be weaponized. A personal cell number can lead to social media accounts, location information, family connections, and other records. Realtor listings may reveal floor plans and entry points. Permits, youth sports team rosters, delivery services, and professional biographies can fill in more of the picture. 

Include families in the risk assessment. Security concerns often become more persuasive when executives understand how exposure could affect spouses and children. Strutton suggested examining whether someone could identify a child’s school, trace regular routes, or determine when family members are likely to be home without the executive. 

Make executives part of the training. Nater emphasized that leaders should participate rather than viewing themselves only as protectees. Scenario-based stories can help them recognize ordinary habits that create risk and build trust with the security teams responsible for protecting them. 

Use friction to buy time. Some information will be difficult—or impossible—to remove. But making it harder to locate can still matter. “Time is a tool, and a powerful tool, when it comes to violence,” Strutton said. Delays may give emotions time to cool, allow security teams to detect a threat, or push an attacker away from the intended target. 

The takeaway: Executive privacy, cybersecurity, physical security, and workplace violence prevention increasingly belong in the same conversation. Banks that understand how personal information can be found, connected, and weaponized are better positioned to protect both their leaders and the institution around them. 

Related Articles

Login to View This Content

 

Become a member to unlock exclusive content, connect with industry experts, and gain access to valuable resources. If your employer is an institutional member, activate your ProSight membership benefits with a simple email address.