Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Leadership & Management

Security and the CFO: Show Me the Money

February 1, 2011
Jill Knesek

“I have been able to create relationships with the CFO and the C-suite, and I have regular quarterly meetings so that when it’s time to ask for money, the repertoire is there,” says Jill Knesek, CSO of BT.

Chief Financial Officer (CFO), Finance Director, Corporate Treasurer…whatever the title may be, they control the money in an organization – where it’s spent, how much is spent, perhaps even why it’s spent.

As a corporate officer in many organizations and with a spot at the C-suite, the CFO is primarily responsible for managing the financial risks of a corporation. This officer is also responsible for financial planning and record-keeping, as well as financial reporting to higher management. In some sectors the CFO is also responsible for data analysis. The CFO typically reports to the CEO and to the board of directors and may additionally sit on the board. 

As a CSO who may be trying to get a new security program or funding, the CFO is someone you’ll have to sit down and discuss how you spending money is actually going to save the company money. How do you sell security to someone who’s thinking it is all about dollars and cents, profit and loss and who possesses advanced business and financial degrees and experience?

For Jill Knesek, CSO of BT (British Telecom), it doesn’t have much to with security at all.

It’s The Business

BT is one of the world’s leading providers of communications solutions and services. The company’s principal activities include networked IT services, local, national and international telecommunications services, and higher value broadband and internet products and services. BT is also the world’s oldest communications company, with a direct line of descent from the first national telecommunications undertaking in the world.

The company’s global services security department, which Knesek heads up, operates in 170 countries, and is responsible for end-to-end security – cyber security, physical security, crime, fraud, asset protection and risk mitigation for 1,500 facilities. Knesek’s staff consists of 27 security directors.

Christopher Walker

“People in security think they are special because they save lives, but they’re not that special, because HR, marketing, sales and IT all think they’re special as well. We’re all competing for the same piece of pie,” says Professor Christopher Walker, executive professor of strategy with the College of Business Administration at Northeastern University, in Boston. 

“With a CFO, it’s important to talk about security, but it’s more important to talk about the business,” Knesek says. “It’s been one my biggest challenges. But I have been able to create relationships with the CFO and the C-suite, and I have regular quarterly meetings so that when it’s time to ask for money, the rapport is there. So when I get face time with the CFO or the Board, I articulate reducing the cost of crime, protecting our brand and reputation and showing security’s long term value.”

“As a telecommunications company, we see a lot of potential for revenue fraud,” she says, “for example, theft of assets, cable, copper, and illegitimate customers. So I tell the CFO how my security operations will save millions of dollars in fraud losses per year. Once you start talking about dollars and cents and revenue, provide metrics and articulate how you will reduce costs with mitigation plans in place, you’re on your way to reaching the CFO. Security is not just about throwing a guard at a problem, it’s about reducing risk.”

As a former CSO with a Fortune 50 company and with a leading media firm, Christopher Walker once reported to the CFO. Professor Walker is currently the executive professor of strategy with the College of Business Administration at Northeastern University, in Boston, Mass. Professor Walker has also consulted with a number of business firms across several industries. He has created management development programs within three universities and among a range of organizations and businesses.

During his career, he says, articulating the logic behind the security systems that you want in place was always a difficult task. “You have to articulate financial logic behind doing what you do,” he suggests. “If you ask companies to spend a large of amount of money for a feeling of safety, that’s not sufficient. Articulate how you’re going to reduce the company’s liability exposure and the loss of assets. Show the financial impact that could be attached to a security disaster.”

Specifically, Professor Walker advocates benchmarking. “Someone has that experience,” he says. “Look at what has happened and the financial impact of litigation that has taken place, the case laws that are out there and provide a logical argument that embodies the legal and the financial aspects.”

As with Knesek, Walker stresses understanding your company’s line of business first. He also says that past experiences may not be the best thing on which to rely.  “Maybe you have had success in another job so you make certain assumptions about what should be done in your current company. That’s not necessarily the best way to go about it because business is about context.”

The CFO: Tales from The Front

How have two CSO’s reached their CFO? Their advice:  

“I report in to our COO, so I am not an expert on presenting to a CFO, albeit I have tremendous support from our CFO who stands behind our mission. I can only add that we view security in two areas, moral imperatives (life safety stuff) and then business resiliency (things that make sense for protecting the business and building continuity). The way I break out my mission regardless of who I am presenting to in leadership is easy: If we do not get the moral imperatives right, we will lose the faith of our people and clients; that outcome is a zero sum game. The resiliency piece is more measured against risk and spending in areas that are needed to sustain the business (protection, response, redundancy).”

Timothy S. Weir

“I concur with Tim’s position. I do think, however, that presentation of information is different based on who you need to connect with, while the underlying premise (moral or resiliency) is the same. For example, a CFO is focused on the dollars of it all, so sound business cases that translate the issue and result into numbers/productivity will resonate better. In this case, if we’re talking about moral imperative, part of the pitch might be cost of lost productivity due to absenteeism, fear, distraction, etc. Resiliency usually translates easily to some business language. A Chief HR Officer will be more focused on associate safety, perception and more, and less on bottom lines or other financials. So, the basic premises remain the same – the “language” you use to convey the opportunity and solution is geared toward your specific audience.”

Timothy T. Janes, CPP, CFE

Business Programs for CSOs and Mid-Level Security Managers from ASIS International:

Wharton/ASIS Program for Security Executives

October 31-November 4, 2011 and January 23-27, 2012, Philadelphia, PA

www.asisonline.org

Business Concepts for the Effective Security Manager

ASIS and Northeastern University

March 8-11, 2011; October 18-21, 2011

Boston, MA

KEYWORDS: CFO Chief Security Officer (CSO) management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Leadership and Management
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Lynn Mattice

    Aspen Opens a Dialogue on Homeland Security

    See More
  • Security Newswire

    Hackers Breach Nasdaq's Computers

    See More
  • Security Newswire

    One Dead, 11 Shot at Youngstown State University Fraternity House

    See More

Related Products

See More Products
  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • 9780367030407.jpg

    National Security, Personal Privacy and the Law

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing