Getting your Trinity Audio player ready...
Family businesses have several unique characteristics distinguishing them from public and conventional commercial companies. First, they are based on long-standing history, multi-generational traditions, and deep familial ties, contributing to a strong reputation and long-term commitment. Second, they tend to engage in long-term strategic planning and cautious management that reduces financial risks, unlike public companies, which often focus on generating immediate profits.
Family businesses can range from small to medium-sized enterprises; some have grown into global conglomerates. For example, a small dairy farm established by Hilde and Richard Strauss in their backyard in Nahariya in 1939 evolved into an international food and beverage corporation employing thousands in Israel and beyond.
However, the intersection between family and business creates an overlap between family life and business decision-making, which can lead to managerial challenges and complicated generational transitions. Many family businesses operate conservatively, adhering to traditional business methods and struggling to adapt to changes and emerging trends. This approach can result in slow responses to business risks and challenges, ultimately undermining competitiveness in a dynamic market.
Beyond internal challenges, family businesses also face significant external threats, including:
Threats to personal security and reputation: Due to the public exposure of business owners, they are vulnerable to threats such as extortion, cyberattacks on personal accounts, and damage to both individual and corporate reputations. There have been cases of sextortion attempts targeting family members or close associates of executives, where attackers threaten to expose sensitive or intimate information—whether real or fabricated—unless their demands are met (e.g., money, information, passwords, etc.). In extreme cases, kidnappings of family members or senior executives have been attempted to exert business influence or demand ransom.
Cyberattacks on information systems and infrastructure: Cyberattacks on businesses in general, and family businesses in particular, have become increasingly common. Hackers attempt to infiltrate company information systems to steal data, disrupt business operations, or extort money in exchange for restoring access. For example, ransomware attacks, where attackers encrypt a company's data and demand ransom for its release, have become particularly prevalent, with potentially devastating consequences. The dramatic increase in cyberattacks against Israeli businesses during 2024–2025, including those by pro-Iranian groups, has made family businesses an easy target due to their lower investment in cybersecurity compared to large corporations.
Internal fraud and embezzlement: Continuous exposure to fraud by an internal employee ("insider threat") or an external business partner can undermine financial resilience and severely impact business stability. Financial fraud committed by an employee exploiting their trusted position or a supplier taking advantage of a lack of strict oversight and controls can result in significant economic losses and reputational damage.
Lack of preparedness for emergencies: Many businesses do not have well-developed crisis management plans or continuity strategies. Unforeseen events such as economic downturns, supply chain disruptions, infrastructure failures, cyberattacks, or the sudden loss of key executives can cause significant upheaval and even jeopardize the company's survival. Periods of geopolitical tension, such as the current conflicts in the Middle East and between Russia and Ukraine, have led to a rise in cyberattacks on government sites and private businesses, including family enterprises, often carried out by international hacker groups.
How can these threats be mitigated?
To ensure the long-term stability and resilience of family businesses, they must act on several key fronts:
Risk mapping and assessment: Companies must analyze all business activities, employees, owners, and family members with high public exposure to identify sensitive areas vulnerable to criminal attacks, fraud, or extortion. A deep understanding of threats, including internal ones, enables the development of tailored and effective security measures.
Strengthening cybersecurity measures: Implementing advanced monitoring technologies, risk management tools, and robust cybersecurity mechanisms can prevent most attacks on business systems and infrastructure while protecting sensitive corporate information. Establishing an advanced technological monitoring framework that detects intrusions or data leaks in real time can significantly reduce damage. Given the assumption that every company will eventually face a breach, businesses should adopt a structured response plan, including the involvement of experienced professionals in crisis management and negotiations.
Enhancing personal security measures: Senior executives and their families require tailored security solutions. Many mistakenly believe that physical security measures alone are sufficient. Still, adequate protection also requires online monitoring and control, secure personal and business data management, awareness training, and preparedness for handling extortion attempts and physical threats.
Major General (ret.) Boaz Gilad Photo: CourtesyBuilding and maintaining organizational resilience: Companies must define relevant risk scenarios and ensure preparedness, recognizing that the question is not if a crisis will occur but when. This includes developing comprehensive business continuity plans for emergency situations, conducting advanced training exercises, and utilizing technological tools that enable employees and managers to handle crises effectively. Decision-making based on real-time data, minimizing damage, and quickly restoring full functionality are crucial.
- Major General (ret.) Boaz Gilad, a former senior official in the Shin Bet and Israel Police, is the CEO of S.T. Impact and a researcher at the Institute for Personal Security and Community Resilience at the Western Galilee Academic College