The Next Generation Security Leader

In the October 2009 issue of Security, leadership columnist Lance Wright reminded us of several key leadership attributes that are universally sought by successful organizations in all sectors. Descriptors like visionary, communicator, results producer, team player and change agent likely still resonate with this audience. Influence, or our ability to persuade others to follow, remains a pre-requisite for progress.

However, the jury is still out on current leadership. Few readers will be surprised to learn that we remain engulfed in a crisis of confidence resulting from the near global financial meltdown. Our public still asks, “Where were the risk mitigators?” For that matter, where was security for many of the manmade and natural calamities that followed 9/11?

Those who patted themselves on the back for “surviving” the downturn may be premature. An estimated trillion dollars was spent in that disappointing first decade of the new millennium, but where are the results? Stand-alone efforts for audit, business continuity, compliance, crisis management, fire protection, information security, physical security, risk management, safety, and others will continue to fall short. Too many programs depend on too few resources.

It is time for the communicators to stand up and differentiate themselves with the straight talk that is often expected of leaders. We fell short on many efforts because we insinuated the risk was covered. In some instances we lacked the courage of our convictions to elaborate on risk consequences. More often than not we stood up silo projects when hubris precluded cross-functional cooperation. We also failed to comprehensively measure risk or mitigation to distinguish failure or success and to show a discernible year-over-year contribution to the business. We relied on the 3 C’s – compliance, crisis response and complacency – in lieu of continuous improvement.

We clearly remain at risk. Manmade threats are formidable. Our adversaries are numerous and nimble, resources are constrained, and many of us have failed to protect needed talent for a road-mapped march to resilience. Natural hazards will exacerbate with climate change, pandemic contagion and near geologic seismic threats on the horizon. Much institutional knowledge has already been lost as we downsized, right-sized and reorganized.

Moises Naim paints the risk landscape in his heralded book Illicit: How Smugglers, Traffickers and Copycats are Hijacking the Global Economy. The former Venezuelan Trade Minster and Director of the World Bank makes the case that our adversaries are capable, cunning and resourceful global operators. What is our organizational readiness for all-hazards? Once proven, what is the likelihood that security services may be deployed as a revenue enhancement opportunity? Many lessons are yet unlearned.

In this atmosphere of global risk, our sometimes poor decisions have resulted in a short supply of long-term security results producers and successors. Our next-generation leadership may be our last, best chance to compensate for dwindling resources.

The Path to the Future

Identifying and retaining talent is the first order of business. We must examine candidates’ leadership roles and skills and use performance measurement tools. Next-generation leadership acumen will be sorely tested as a fluid risk environment is visited upon us with increasing compliance expectations and continuing resource constraints. Our ability to differentiate services, articulate value and retain talent is critical for brand protection. Business continuity in every sense is dependent on leadership continuity.

Our capacity to identify future practitioner, integrator and manufacturing security leaders will require our and their understanding of looming manmade and natural risk phenomena and financial global risk dependencies. Strategic acumen, technical project management, financial, intelligence, and other analytical skills will be needed. Team leadership and cross-functional influencing skills will also apply as diverse technology and process teams collaborate on the “enterprise of the future.”

Our agreement to learn collectively and collaboratively begins now. I’d like to continue this conversation with you, the reader. Send me a note describing the skills, qualities and knowledge you think the next generation of security leaders needs to make a difference in protecting and enabling our organizations. Send your comments to fdaddario@secleader.com.

Francis D’Addario is Emeritus Faculty, Innovation Services for the Security Executive Council and former CSO for Starbucks Corporation.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.