I was standing outside a vehicle entry control point at a massive data center. One of the big hyperscalers. Billions of dollars in infrastructure either built or under construction. Inside was the most advanced water-cooled GPU farm I had ever seen.
The guard shack had bullet holes in it.
Not metaphorical bullet holes. Actual rounds had been fired at the entry point where workers checked in every morning.
I looked up. At any given moment I could count between five and ten drones overhead. Some were construction-related. Some were not. Nobody could tell me with certainty who was operating all of them or what they were collecting.
A local political fringe organization had been targeting the construction company working on the site. There had been actual ambush incidents. Workers followed. Vehicles confronted. People put in situations where their physical safety was at immediate risk.
This was not in Colombia. Not in Iraq. Not in any of the high-threat international environments where I have spent much of my career. This was in the United States.
I am telling you this because I think the people making decisions about AI security are not hearing it from anyone who has actually stood in these places and seen what is happening on the ground. And I think most of them assume that "domestic" means "safe." It does not.
The threat is here, not overseas
I have spent 25 years doing security operations, a lot of it in places most people would consider dangerous.Managing thousands of security personnel across Latin America, the Middle East and other exciting locations. Executive protection in high-threat international environments. I have worked in countries where ambushes, hostile surveillance, and attacks on infrastructure were expected. You planned for them. You staffed for them. You built your entire operation around the assumption that the threat was real and present.
What caught me off guard about that data center was not the threat itself. I have seen worse. What caught me off guard was that it was domestic. And that the organization's security posture did not remotely reflect what was actually happening outside the fence.
In my experience overseas, when you stand up a high-value facility in a contested area, you build security into the operation from day one. Threat assessments before you break ground. Armed security with rules of engagement. Counter-surveillance. Route analysis for every person who enters and exits. Intelligence collection on local threat groups. Coordination with host-nation authorities. These are standard practices in international high-threat environments. They are considered normal and necessary.
In the US, the AI industry is building facilities that are just as high-value and in some cases facing threats that are just as real, and they are protecting them with a guard service contract and a camera system.
The assumption seems to be that because it is America, the threat environment is fundamentally different. That assumption is wrong, and it is getting tested right now.
The workforce is the soft target
The AI industry talks constantly about cybersecurity. Model security. Data security. Alignment. All of it matters. But there is a conversation that is barely happening, and it is about the physical safety of the human beings who build, operate, and maintain AI infrastructure on American soil.
Construction workers building data centers are being harassed and in some cases physically threatened by groups who oppose the projects. This is not happening in remote corners of the developing world. It is happening in American communities where a hyperscaler showed up, started building, and generated local opposition that nobody planned for.
Engineers and technicians who work inside these facilities commute through areas with no security presence. Researchers at AI companies carry intellectual property in their heads that nation-states would spend enormous resources to access, and most of them have never had a security briefing in their lives. They assume they are safe because they live and work in the United States. That assumption made sense ten years ago. I am not sure it makes sense now.
The threat picture is coming from several directions. Anti-technology and environmental groups that see data centers as targets. Local opposition that has escalated from zoning protests to physical confrontation. Criminal actors who understand the value of what is being built. And nation-state intelligence services that operate on US soil and have been documented targeting AI talent for recruitment and compromise.
Most AI companies have no program to address any of this. The physical security budget, if there is one, covers the facility perimeter. Not the people. Not the commute. Not the workforce that makes the entire operation possible.
The gap between international and domestic security thinking
Here is what I keep coming back to. If I told a board of directors that their company was building a billion-dollar facility in Latin America, and that the construction site had been shot at, workers had been ambushed, and unidentified drones were flying overhead daily, the response would be immediate. There would be a threat assessment within the week. A security team on site within the month. A comprehensive protection plan covering the facility, the workforce, the supply chain, and the executives.
But when the same things happen domestically, the response is different. It gets handled by local law enforcement coordination and maybe an upgraded guard contract. There is no threat assessment. No personnel security program. No counter-surveillance. No intelligence collection on the groups responsible. The assumption is that because we are in the US, the existing systems will handle it.
They will not. Local law enforcement in a rural county where a hyperscaler is building does not have the resources or the mandate to provide ongoing security for a private construction project. They respond to incidents. They do not prevent them. And the contract security companies staffing these sites are not trained, equipped, or authorized to deal with the kind of threats that are actually showing up.
The security discipline that exists for international high-threat operations needs to be applied domestically. Not because the US has become a war zone. But because the specific combination of high-value targets, rapid expansion into resistant communities, and organized opposition is creating threat environments at specific sites that demand the same rigor.
Why this is a boardroom problem
If you are a General Counsel, this is a duty of care issue, and the case law is not going to be kind to organizations that knew about threats and did not act. Your obligation to provide a safe working environment extends to construction sites, remote facilities, and anywhere your workforce is exposed to foreseeable risk. Bullet holes in a guard shack and documented ambush incidents are foreseeable risk. If someone gets hurt and the response is "we had a guard service," that is not going to hold up.
If you run security for one of these organizations, I would ask you directly: do you have a threat assessment for the human layer of your domestic operation? Not the network. Not the facility perimeter. The people. Their commute routes, their exposure to hostile surveillance, their vulnerability to being followed, confronted, or targeted. If the answer is no, or if the answer is "that is a law enforcement issue," you have a gap.
If you sit on a board, the question is whether anyone with operational security experience has actually walked your domestic sites and told you what the real threat picture looks like. Not your IT security vendor. Not your compliance team. Someone who has worked in high-threat environments and can recognize when a domestic site has become one.
What should be happening
Every AI company operating data centers or research facilities in the US needs to stop treating domestic physical security as a lower tier of concern than international security. What I would want to see at a minimum is threat assessments specific to each site that account for local opposition, criminal threat, and intelligence threat. Travel and commute security protocols for employees at exposed locations. Counter-surveillance awareness training so workers can recognize when they are being watched or followed. A reporting and response system for threats and incidents that does not dead-end in an HR inbox. Coordination with federal authorities, not just local law enforcement, on organized threat groups. And drone detection and monitoring capability at every major facility.
For organizations building new facilities, security should be part of the site selection process. That means understanding the local environment before you break ground. Who opposes this project. What groups are active. What is the history of confrontation with industrial or technology development in the area. You would do this analysis for an international site without thinking twice. There is no reason to skip it domestically.
Someone in leadership needs to own this as an operational function. Not a line item under IT or facilities. A function with authority, budget, and direct access to the executive team.
This is going to get worse
The AI buildout is accelerating. More data centers. More remote locations. More construction in communities that did not ask for these projects and in some cases are organizing against them. The political and social opposition to AI infrastructure is growing, not shrinking.
I have spent most of my career in places where this kind of escalation is familiar. Local opposition starts with protests. It moves to harassment. It moves to property damage and confrontation. Sometimes it stops there. Sometimes it does not. The trajectory I am seeing at some domestic AI infrastructure sites follows a pattern I have seen before in other contexts and other countries.
The difference is that overseas, organizations plan for it. In the US, they are hoping it does not happen. Hope is not a security plan.
The cost of a real personnel security program is a fraction of what these companies spend on a single GPU cluster. The cost of not having one is going to be measured in liability, operational disruption, talent retention, and at some point, someone getting seriously hurt.
If you are responsible for people who build, operate, or work inside AI infrastructure in the United States or internationally, and you do not have a plan for their physical security, that is the conversation you need to be having this week.
If your organization is building AI infrastructure and nobody on your team has stood in a place like the one I described, we should talk. 25 years in high-threat environments, corporate security consulting, high-risk protection and working with the board and insurance companies to build realistic programs. I know what these threats look like because I have worked in them my entire career. Reach out directly.