Most people who hire executive protection for the first time have never done it before. They’re responding to a specific trigger: a threat, an incident, a divorce, a public controversy, or a growing awareness that their visibility has outpaced their safety infrastructure.
In that moment, they usually do what anyone would do. They ask their attorney, their family office, or a trusted friend for a recommendation. Someone suggests a firm. The firm looks professional. The agents are well-dressed, well-spoken, and come with impressive resumes. A contract gets signed.
Six months later, the principal discovers that their protection team can’t answer basic questions about their digital exposure, hasn’t conducted a single advance assessment in weeks, and communicates with the estate security team approximately never.
This happens more often than the industry wants to admit. And it happens because most principals don’t know what questions to ask.
Here are ten that matter.
1. What Does Your Threat Assessment Process Look Like Before You Deploy Anyone?
Any credible executive protection firm should conduct a comprehensive threat and risk assessment before placing a single agent on your detail. This isn’t a conversation over coffee. It’s a structured process that examines your digital footprint, your physical environment, your travel patterns, your staff and vendor access, your family’s exposure, and the specific threat vectors most relevant to your profile.
If a firm is willing to start work next week without conducting this assessment first, they’re not providing protection. They’re providing labor.
2. How Do You Integrate Digital Threat Intelligence With Physical Protection?
In 2026, the digital and physical threat landscapes are inseparable. A leaked credential can lead to a physical breach. A geotagged social media post can reveal a principal’s location. A data broker record can provide a home address to anyone willing to pay $20.
Your EP firm should be actively monitoring digital channels and feeding that intelligence into physical protection decisions. If they treat digital and physical as separate domains, they’re operating the same way the industry operated in 2010.
3. What’s Your Advance Work Process?
Before you attend any event, dinner, meeting, or travel to any destination, your protection team should be conducting advance work. This means assessing the venue, the route, the parking, the egress options, the guest list if available, and any threat intelligence relevant to the location or timing.
Ask what their advance work process actually looks like. How far in advance do they assess? What tools do they use? What do they document? What decisions change based on what they find?
4. How Do You Handle Staff and Insider Risk?
The highest-probability threat vector in personal protection isn’t an external attacker. It’s someone with authorized access — a household employee, a contractor, a former staff member — who creates a vulnerability through carelessness, compromise, or intent.
Your EP firm should have protocols for monitoring insider risk. That includes staff vetting beyond basic background checks, device policies for anyone with access to the principal’s environment, and off-boarding procedures that address digital access when someone leaves.
5. How Do You Coordinate With Estate Security and Family Office Operations?
Executive protection doesn’t exist in a vacuum. It’s one layer of a broader security architecture that includes estate security, travel security, digital protection, and family office oversight.
If your EP team operates independently from these other layers, critical information falls through the gaps. When travel plans change, does the estate team know? When a digital threat is detected, does the EP detail adjust? When a staff member is terminated, does every security layer update simultaneously?
6. What’s Your Approach to Pattern Disruption?
Adversaries who target UHNW principals are patient. They observe patterns — commute times, gym schedules, restaurant preferences, school drop-off routines — and exploit the predictability. A protection team that doesn’t actively disrupt patterns is giving an adversary exactly what they need.
Ask how the firm identifies and breaks patterns. This should be a deliberate, ongoing process — not something they do once and forget.
7. Can You Show Me Examples of Your Intelligence Reporting?
Credible EP firms produce regular intelligence reports for their principals. These reports should cover current threat assessments, changes in the threat environment, digital exposure updates, and recommendations for security posture adjustments.
If the firm doesn’t produce regular intelligence reporting, they’re not monitoring the threat environment. They’re just showing up and standing around.
8. What Happens in a Crisis?
Every protection engagement should have a documented emergency action plan. This plan should cover medical emergencies, active threats, natural disasters, family separation scenarios, evacuation routes, and coordination with law enforcement.
Ask to see the plan. Ask when it was last updated. Ask whether the team has drilled it. A plan that lives in a binder nobody has opened since it was written is decoration, not preparation.
9. What’s Your Team’s Background — Really?
Impressive resumes are common in executive protection. But the distance between someone who served in a special operations unit and someone who served in a support role can be significant. The distance between someone with federal law enforcement investigative experience and someone who worked private patrol is equally significant.
Ask specifics. What units did your agents serve in? What was their role? What does their post-military or post-government experience look like? Have they operated in high-threat environments, or primarily in low-risk corporate settings?
10. How Do You Measure Success?
This question reveals more about a firm’s philosophy than any other.
Some firms measure success by hours worked, agents deployed, and contracts renewed. Those are operational metrics, not protection metrics.
A firm worth hiring measures success by incidents prevented, vulnerabilities identified and closed, threat assessments conducted, intelligence reports delivered, and the principal’s ability to move freely without disruption or exposure.
The goal of executive protection isn’t to surround you with security. It’s to make security invisible while making threats impossible.
The Real Test
After asking these ten questions, you’ll know within minutes whether you’re talking to a firm that provides executive protection or a firm that provides uniformed presence at an executive protection price point.
The difference matters. One prevents incidents. The other responds to them. And in 2026, the gap between prevention and response is where risk lives.
Learn how HKDS approaches executive protection differently →
