What do shifting social and political dynamics mean for corporate security?

Clarity Up Front:

  • Social and political shifts mean global corporationsare now seen as “players”, whether they intend to be or not. This impacts a company’s risk profile, with many experiencing increases in activism and protest, threats to senior executives and insider risk.
  • 57% of CSOs report an increase in activism-related threats.
  • 32% of CSOs said threats to senior company executives have increased over the past 2–3 years. The threat has intensified as violence becomes a more accepted form of political expression.
  • 69% of CSOs said insider risk is increasing and 40% ranked it as a top three risk for their company. Boards and regulators demand a holistic response, and as a result many organisations are adopting a more proactive, enterprise-wide framework.
  • The rise of mis- and disinformation creates challenges and opportunities for corporate security intelligence teams, who must join forces with communications colleagues, monitor emerging disparate narratives, and create a virtuous information loop with business colleagues to ensure market-based ground truth informs their intelligence assessments.
  • In this complex business operating environment, boards prize social skills over technical competence in business leaders, and demand a holistic, partnership-based approach to risk management.

Social and political shifts mean global corporations are now seen as "players", whether they intend to be or not.

Corporations face growing pressure to not only operate fairly and ethically, but also to take a stance on political and social issues, whether directly linked to their business or not. As Lucien Alzari, Chief Human Resources Officer at Prudential, put it, 'There was a time when a CEO could say, "But what does this have to do with my company? Isn't this a matter in the personal or political sphere?" Such a perspective is unlikely to serve any executive well in the times ahead.’[1]

These social and political changes impact a company’s risk profile, directly impacting the work of the corporate security function.

Activism and Protest
Taking a public stance on social or political issues can make companies a target for attack; 11% of CSOs surveyed by The Clarity Factory said activism is one of the three biggest security risks for their organisation, and a majority (57%) said it was increasing. [2] Activists target people, products, buildings, and technology systems, and whether violent or not, their actions place an added burden on the corporate security function.

The holistic nature of theactivist threat – incorporating physical, digital, human, and reputational challenges – makes partnership non-negotiable to an effective enterprise response. Corporate security functions must increasingly work laterally with cyber security, IT, communications, government affairs, and legal colleagues to provide boards a nuanced understanding of the threat and an appreciation for how corporate actions can both help and hinder. Companies must bring together the knowledge, networks and know-how of multiple functions to get ahead of these complex challenges.

Threats to Senior Executives
There is a growing expectation for CEOs personally to be the face of their corporation’s public positions; 81% of investors globally say CEOs should be personally visible when discussing public policy with external stakeholders, and two-thirds (60%) of people agreed with the statement 'when considering a job, I expect the CEO to speak publicly about controversial social and political issues that I care about.' [3] This can increase the CEO’s risk profile. One-third (32%) of CSOs surveyed by The Clarity Factory said threats to senior company executives have increased over the past 2–3 years.[4]

The threat to executives has intensified as violence becomes a more accepted form of political expression. This was brought into tragic focus with the murder of UnitedHealthcare CEO Brian Thompson in December 2024, and the subsequent celebration of his alleged murderer, with his actions framed by some as an ‘act
of justice’.

His murder has heightened concern in boardrooms, and many corporate security leaders have been
asked to reinforce or stand-up executive protection programmes. Some CSOs tell us that executives are cognisant of the threat, and a growing number are more willing to tolerate enhanced security for themselves and their families. CSOs must also ensure they have a strong partnership with cyber and digital colleagues to provide a wraparound service for execs.

Insider Risk
Insider risk is growing. More than two-thirds (69%) of CSOs surveyed by The Clarity Factory said it is increasing, and 40% ranked it as a top- three risk for their company. [5] CSOs are not alone in this view; almost all (90%) cyber-security professionals believe their organisation is vulnerable to insider threats, which cost a median of USD 4.45 million to resolve.[6]

Insider risk takes several forms, from malicious to negligent insiders, those seeking to extract money or information for nation states, criminal networks or themselves, and those whose motivation is sabotage or reputational damage. Partly driven by disillusionment or disengagement,[7] the social and political trends we are seeing certainly play into the rise of insider risk for major corporations.

Unsurprisingly, regulators and boards are demanding a holistic response, and many CSOs we work with tell us they are called upon to create a robust enterprise-wide framework to manage the risk, and shift from reactive to proactive stance. Clarity Factory data from 2023 shows that 38% of CSOs are accountable for insider risk, and a further 36% are involved in their company’s response. CSOs and their teams can add considerable value to these efforts as the risk almost certainly continues to rise.

The rise of mis- and disinformation creates challenges and opportunities for the corporate security intelligence team.

The World Economic Forum identifies mis- and disinformation as the top global risk for the next two years, according to their 2024 and 2025 Global Risks Reports. The consequences include decreased share prices, attacks on senior executives, protests, disruption to operations, and damage to important stakeholder relationships. The rise of AI and deep fakes will only heighten these risks.

Increasingly, companies must manage risks related not just to what they have said and done, but also what they have not. For example, a 2020 conspiracy that Wayfair was involved in child trafficking led to threats to the company’s CEO and attempts to short the company’s stock. And a fake press release in the same year, purportedly from the Grand Hyatt hotel in Seattle saying it would offer shelter to the homeless impacted by dense smoke from local wildfires, generated protest from both those against housing the homeless and later from those berating the hotel for failing to provide shelter when the deception was exposed.[8]

This creates challennges and opportunities for the corporate security intelligence team. They must widen their focus from threat actors to shifting narratives,[9] look for ways to join forces with communications colleagues who conduct sentiment analysis, and create a virtuous information loop with business colleagues to ensure market-based ground truth informs their intelligence assessment. They need to listen as well as transmit.

CSOs - like the rest of the C-Suite - must prioritise social skills alongside technical skills.

These social and political changes require a new style of corporate leadership. A study from the Harvard Business School found that, in hiring CEOs, boards began to prioritise social skills over competence managing financial and material resources from 2007 onwards (chart below). They recognised that being able to read the balance sheet is of little use if you can’t read the room in this new complex social and political business operating environment. Social skills include active listening, empathy, communication, relationship management, problem solving and cooperation.[10] TheC-Suite must also prioritise these social skills when hiring CSOs, because CSOs and their teams are so integrated into the corporation’s risk management response.

broken image

References:

[1] As the world shifts, so should leaders, Nohria, Harvard Business Review, 2022
[2] The Business Value of Corporate Security, Briggs, The Clarity Factory, 2023
[3] 2022 Edelman TrustBarometer, Edelman, 2022
[4] The Business Value of Corporate Security, Briggs, The Clarity Factory, 2023
[5] The Business Value of Corporate Security, Briggs, The Clarity Factory, 2023
[6] ‘Insider Risk’, Gates, 2021
[7] 'Insider Risk', Gates, 2021
[8] The Business Value of Corporate Security, Briggs, The Clarity Factory, 2023
[9] Revolutionary Violence in the New Gilded Age, Insight Forward, 2025
[10] The C-Suite Skills That Matter Most, Raffaella Sadun, Joseph Fuller, Stephen Hansen and PJ Neal,
Harvard Business Review, July-August 2022

Photo by Mesut Yalçın

PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save