Where Physical Security Intersects With Cyber

by Alan Shimel

The Black Hat Conference has always been a harbinger of where security is headed next. This year, predictably, the conversation is dominated by AI — AI-enhanced threats, AI-driven defenses, AI-this, AI-that. But amid all the artificial intelligence noise, I found myself pulled into a quieter, more chilling conversation — one that hit closer to home than any zero-day or deepfake.

It happened over dinner with the team from 360Privacy, a company that provides both physical and cyber protection for high-net-worth individuals, executives and public figures. You might be thinking: Bodyguards and firewalls? What do those have to do with each other?

The answer, as I found out over steak and spirited conversation with an eclectic group of journalists and security pros, is: Everything.

When Doxxing Becomes Deadly

The brutal murder of United Healthcare’s CEO on a New York City street earlier this year was a stark reminder that executive risk isn’t just theoretical. It’s personal. And it’s not just about them — it’s about their spouses, their kids, their movements, their homes.

Here’s the hard truth: Today, with a few AI-enabled tools, a bad actor can build a high-resolution digital map of your life in minutes. Not just where you work, but where your kids go to school, what time your spouse jogs, what kind of car you drive and when you’re out of town.

We’re not talking about high-end nation-state espionage here. We’re talking about open-source intelligence (OSINT) turned weaponized by AI agents. Sites like this one, recently covered by PubKGroup, are trivial to spin up with tools like ChatGPT and a little Python. That site publicly exposed personal info on over 1,000 corporate executives.

Some might argue, “It’s just publicly available data.” But in the wrong hands, that data becomes a targeting package.

A Perfect Storm: Tech, Tension and Targets

So why now? Why are we seeing this rise in digital-to-physical threat fusion?

At the dinner table that night, the consensus was clear: We’re living in a perfect storm moment.

1. AI lowers the cost and complexity of personalized surveillance. 

2. Hacktivism is on the rise, driven by ideology over legality. 

3. Nation-states are outsourcing dirty work to criminal syndicates and proxies. 

4. Geopolitical and economic instability widens the threat landscape. 

5. And perhaps most critically, income inequality fuels resentment — and often, justification. 

Layer all of that with a polarized online world where “outing” someone is just a tweet away, and you’ve got a powder keg.

Another aspect is that for many of you reading this, the doxing of high net worth individuals or executives at unpopular companies or industries doesn’t seem like such a terrible crime. Granted, some of these people don’t make for sympathetic targets. But no one deserves to be shot down in cold blood in the street. Likewise, the children and relatives of executives and high net worth individuals should be out of bounds (shades of Lingbergh’s baby). Yet this is the situation we find ourselves in.

Your Org’s Threat Model Just Got Personal

If you’re in corporate leadership, the question isn’t just, “Is my company secure?” but “Who in my company is a soft target?”

Think beyond the CEO. Think key engineers, compliance officers, government liaisons and their families. Think activist-driven campaigns where exposure, not encryption, is the tactic.

This raises difficult questions:How much should companies invest in executive protection? 

1. How do you disclose that in SEC filings without making your execs bigger targets? 

2. Is this a security function, a legal function, or a PR function? 

3. As one dinner guest remarked, “You’re only as secure as your kid’s Instagram settings.”

Bridging the Cyber-Physical Divide

We’ve covered this intersection before at Security Boulevard, notably in articles on companies like BlackCloak, which helps protect personal devices and networks of high-profile individuals. But the 360Privacy approach goes even further — tying together cyber threat intel, digital footprint reduction and actual physical threat response in one service.

It’s not just about firewalls. It’s about flight plans, car routes, social media profiles, SIM swap prevention and even home Wi-Fi.

Frankly, I hadn’t fully appreciated how closely tied cyber and physical security have become. In a world of ubiquitous data and weaponized AI, you can’t defend the body without defending the bytes.

What You Can Do Right Now

If you’re in a sensitive industry — defense, energy, media, pharma, you name it — start shrinking your personal digital footprint now.

1. Audit your family’s digital exposure. 

2. Lock down your social media. 

3. Use alias phone numbers and email addresses. 

4. Consider working with firms like 360Privacy or BlackCloak. 

5. And educate your leadership team on why this matters — because “I didn’t know” won’t cut it when the unthinkable happens. 

This dinner conversation at Black Hat shook me. Not because I learned something entirely new, but because I realized how fast this threat is evolving — and how little most of us are doing about it.

We’ll be covering this intersection of cyber and physical security more in the months to come. The threat is real. And as always, awareness is the first defense.