Why the C-Suite Is Now Part of the U.S. Targeting Curve
The actuarial battlefield is the risk environment where public grievance, exposed personal data, symbolic targeting, and corporate governance collide. In this environment, executives are not only protected as individuals. They are priced, modeled, insured, monitored, and targeted as extensions of the institutions they represent.
The U.S. threat environment has widened. Over the last two years, high-visibility violence has not remained confined to elected office or overtly political actors. It has moved across sectors: from the 2024 attempts on Donald Trump, to the killing of UnitedHealthcare CEO Brian Thompson in December 2024, to the firebombing of Gov. Josh Shapiro’s residence and the fatal attack on Melissa Hortman in 2025, to the assassination of Charlie Kirk during a campus appearance at Utah Valley University, into antisemitic arson targeting Beth Israel Congregation in early 2026, and to the attempted attack targeting Sam Altman’s residence in April 2026.
The pattern is broader than politics alone. It now reaches corporate leadership, private residences, public appearances, and identity-linked institutions.
For the C-suite, Brian Thompson was the clearest inflection point. His killing made visible a risk many executives still treat as secondary: the possibility that a business leader becomes the human proxy for institutional anger. In this environment, grievance does not need to stay rhetorical to become physical. It only needs a target that feels symbolically legible.
The executive is no longer only a business actor. In the wrong threat environment, the executive becomes a symbol, a proxy, and a reachable surface.
The full incident board sharpens that point. What it shows is not random escalation, but migration. The exposure surface moves from stage to driveway, from scheduled event to private residence, and from the individual to the institution.
That is the logic of the actuarial battlefield: personal risk is increasingly shaped by where symbolic grievance, weak perimeter assumptions, and persistent digital exposure overlap.
From public stage to private residence to symbolic institution
The incidents below are not identical. That is the point. The risk pattern is spreading across target types, sectors, locations, and exposure conditions.
Grouping these incidents is not a claim about shared cause. The motives range across political ideology, corporate grievance, antisemitism, and personal pathology, and nothing here equates them. What the board compares is the geometry of exposure: where the target was, how the perimeter failed, and what made reach possible.
How to read this
A CEO was killed outside an investor event. Companies increased executive security spending.
Proxy statements and security firms indicate rising executive protection concern.
C-suite targeting risk is becoming more identity-linked, grievance-linked, and data-enabled.
The incidents listed below are observed. The patterns in the commentary are analytic judgment. The two should be read accordingly.
Donald Trump
Political Attempt
Trump wounded; one bystander killed.
Rooftop shooting at a campaign rally in Butler, Pennsylvania.
Perimeter Failure: Unauthorized access to a high-ground overlook within line of sight of the target.
Donald Trump
Political Attempt
No injury; suspect apprehended.
Armed suspect intercepted at Trump International Golf Club, Florida.
Recreational Vulnerability: Armed intruder established a sniper nest in the tree line of a private club.
Brian Thompson, CEO of UnitedHealthcare
Corporate Assassination
Fatally shot.
Systemic grievance. Targeted outside a Manhattan hotel. Attacker left “Delay, Deny, Defend” messages.
Public Commute Vulnerability: CEO targeted during a routine business trip without a security detail.
Gov. Josh Shapiro and family
Mixed Political / Hate Attempt
Residence firebombed; heavy damage.
Occurred on the first night of Passover; perpetrator Cody Balmer cited hatred for the Jewish governor.
Residential Breach: Arson attack on an executive residence using improvised incendiary devices.
Rep. Melissa Hortman, Minnesota House Speaker
Political Assassination
Hortman and husband Mark killed.
Targeted at home by Vance Boelter, who posed as law enforcement to gain entry.
Deceptive Entry: Targeted home invasion using a social engineering and disguise tactic.
Sen. John Hoffman
Political Attempt
Hoffman and spouse wounded.
Same-night attack as Hortman; perpetrator targeted Democratic leaders in a coordinated spree.
Coordinated Multi-Target Attack: Simultaneous targeting of multiple high-profile individuals at home.
Charlie Kirk, founder of Turning Point USA
Political Assassination
Fatally shot.
Shot during a campus speaking event at Utah Valley University; perpetrator fired from an elevated position on a nearby building.
Public Event Vulnerability: Elevated-position attack during a high-visibility outdoor engagement.
Beth Israel Synagogue / Jewish organizations
Hate / Arson Campaign
Multiple buildings damaged.
A series of arson attacks in Mississippi; perpetrator indicted on federal hate crime and arson charges.
Institutional Targeting: Targeted attacks on identity-based facilities rather than specific individuals.
Sam Altman, CEO of OpenAI
Corporate Attempt
No injuries; primary suspect charged with two counts of attempted murder, attempted arson, and possession of an incendiary device; secondary-incident suspects arrested on firearm offenses.
A Texas man traveled cross-country to San Francisco with weapons, kerosene, and a list of AI executives; threw an incendiary device at Altman’s residential gate, then threatened OpenAI headquarters. A second incident two days later involved apparent gunfire in front of the same residence and led to two arrests and the recovery of three firearms.
Ideological Residential Attack: Pre-planned, cross-country targeting of an executive’s home by an assailant acting on grievance against the industry the executive represents.
The pattern is not one tactic. It is the spread of targetability across public movement, residential exposure, symbolic affiliation, executive residence exposure, and institutional identity.
What the board is telling us
Home is now part of the threat perimeter.
The incidents involving Shapiro, Hortman, Hoffman, and Altman’s residence make clear that residential security can no longer sit downstream from office protection. Family protocols, visitor verification, access control, and deception awareness now belong in the same conversation as travel security and executive mobility.
Symbolic proxy risk is rising.
Thompson’s killing showed how a senior executive can become the stand-in for an industry. Kirk’s killing showed the same dynamic in civic life: a prominent public figure attacked for the movement he represented. In both, the individual was not targeted only as a person, but as the most visible expression of something larger.
Open-air and semi-public exposure remains unstable.
The 2024 attempts on Trump and the 2025 killing of Kirk underscore how quickly visibility, routine, and incomplete perimeter control can compress warning time. Public presence is now a security variable, not just a communications choice.
The target set is widening.
The Beth Israel case is a reminder that this environment does not stop at individuals. Houses of worship, community institutions, executive residences, and symbolic sites are part of the same risk ecosystem, especially when identity, grievance, politics, and institutional symbolism begin to collapse into one another in the public imagination.
Behind the visible incidents
A 2025 study by the Security Executive Council and Mercyhurst University documented 424 open-source attacks on corporate executives between 2003 and late 2025. Incidents in 2025 doubled 2024 levels by the end of October, with 95 cases recorded in the first ten months alone. Physical attacks accounted for 85 percent of the dataset, and one-third of all incidents resulted in injury or death. The most common tactic was ambush or walk-up, present in 75 percent of physical attacks.
These are the cases that surfaced in open reporting. Companies routinely decline to publicize threats against executives, and corporate-security disclosures historically lag the underlying activity. Online signal is one place to triangulate the gap. A separate analysis by Nisos identified roughly 1,560 direct online threats against CEOs in the six months before Brian Thompson was killed, then 2,200 direct threats in the five weeks after his death, with users adopting variations of Luigi Mangione’s name as coded language for violent intent.
The target set is widening
CEOs remain the largest single category at 64 percent of incidents, but the growth is occurring elsewhere. Attacks on non-CEO senior leaders rose 225 percent between 2023 and 2025. The two most-targeted industries are financial and technology, each accounting for 17 percent of the dataset, followed by manufacturing at 12 percent. Targeting of female executives doubled between 2021 and 2024. Family members and executive staff increasingly appear as proxy targets in their own right.
The pattern matches the board above. The original C-suite envelope has been redrawn outward in two directions: down the organization chart, and across the people in proximity to the executive.
Boards are already pricing it
In April 2026, Equilar reported that more than one-third of S&P 500 companies disclosed providing security to at least some executives in 2025, up from 24 percent four years earlier. Among those that did, the median spend rose roughly 136 percent from 2021 to $130,468. JPMorgan Chase disclosed $1.2 million in 2025 for CEO Jamie Dimon, a 36 percent jump from the prior year. Meta disclosed $25.1 million for Mark Zuckerberg. UnitedHealth Group reported $1.7 million in C-suite spending in 2025, including $448,276 for Tim Noel, the executive who succeeded Brian Thompson. Molina Healthcare disclosed $456,000 after reporting no executive security spend before 2024. Walmart was among the companies adopting executive security perks for the first time in recent reporting cycles.
Boards are now treating executive protection the way they treat enterprise cybersecurity: an unavoidable line item, audited externally, disclosed in proxy materials, and growing year over year.
Moving beyond gates and guards
The implication is straightforward: executive protection can no longer be separated from privacy engineering, residential hardening, route discipline, family awareness, and data-broker suppression.
The digital footprint is not adjacent to the physical threat. In many cases, it is the precondition for it.
- Residential addresses become targeting infrastructure.
- Routine travel patterns become timing intelligence.
- Public appearances become compressed-risk windows.
- Family members become part of the exposure surface.
- Symbolic roles can turn executives into grievance proxies.
That means the protection model has to change. The perimeter is no longer just a building, a vehicle, or a visible security detail. The perimeter is also the data layer that tells a motivated actor where to go, when to wait, and who else can be reached.
This does not mean every executive is in danger. It does not mean every public grievance becomes a threat. It does not mean physical security should be replaced by digital exposure reduction.
It means the threat model has changed. Public identity, personal data, symbolic grievance, and operational predictability now interact in ways many organizations still treat separately.
The bottom line
In 2026, privacy is not a reputation issue or a lifestyle preference.
It is a life-safety control.
For executives, public figures, families, and identity-linked institutions, exposure is no longer theoretical. It is operational.
