Rebuilding Influence after Corporate Restructuring

May 1, 2011

Company reorganizations are a fact of business that may have grown more frequent as our economy has changed in recent years. If your organization is going through one, or you believe there may be cause for changes in its governance and reporting structures, it is critical for you to think about the impact these changes may have on security’s influence.

Will there be any personnel changes at the senior management level? If previously supportive people leave, all of the ground you covered and trust you earned while gaining support for your program may be walking out the door. Hopefully, you already have a metrics program in place so you can show new senior management an objective view of your program goals and accomplishments. Remember: Brief and to-the-point presentations are crucial for this audience.

If you will be reporting to a new boss, there are several questions you should ask yourself. Have you taken steps to educate him or her about your program, the value it brings, and the results you have achieved? Are you able to effectively and quickly communicate the services the organization finds valuable, including the view from your boss’ peers? Can you clearly articulate who the primary customers are of each security service? Can you demonstrate how each area of the company (audit, sales, comptroller, marketing, R&D, etc.) utilizes security? Can you demonstrate the cost, head count and results of each program/service?

Get yourself to the place where you can answer “yes” to all of these questions. Then, after doing that, discuss with your new boss what he or she feels should be changed or modified. Consider reinventing or restructuring your security program in a manner that (re)appeals to senior management and (re)establishes it as a crucial partner within the organization.

How well have you been aligning your programs with corporate-level goals? Do you know how ready your organization is for your security programs? Do they look at them as reducing risk in well-defined areas (e.g., workplace violence or investigations)? Do they view security as a true business partner? Knowing how senior management views security will help you define your programs to meet their current expectations. You can’t expect your programs to be accepted (or continually accepted) because they may have worked in the past. You must keep up with the ongoing transformations of the business.

You must also take a hard look at where you are as a security leader. Have you settled into a “maintenance” stance? While it is clear many security departments are currently understaffed and are working with a meager budget, consider the next stage you want to achieve. Try to find a way to keep existing programs well maintained while you build up your capacity to identify and manage emerging issues. If your department is thought of as simply a cost center, when the inevitable business shifts loom, you will surely be in the line of fire.

When corporate restructuring is on the table, take the time to think through your situation and the organizational structure. Then, plan strategies that will eventually get you back to the position of a valued, revenue-enhancing partner of senior management. And look at this as an opportunity to improve your function, build its influence, align it with business goals, and better reduce risk.

If you have questions on how to realign after a structure change, or if you’d like to share your experiences and lessons learned, contact us at contact@secleader.com.

Bob Hayes is Managing Director of the Security Executive Council. He has more than 25 years of experience in security, including eight years as the CSO at Georgia Pacific and nine years as security operations manager at 3M. The Council works with Tier 1 Security Leaders™ to reduce risk and add to corporate profitability in the process. To learn about becoming involved, visit www.securityexecutivecouncil.com/?sourceCode=secmag.

Kathleen Kotwica is executive vice president and chief knowledge strategist for the Security Executive Council. Prior to joining the council, she held a wide range of leadership positions, including information architecture consultant at a New England consulting firm, director of online research at CIO and CSO magazines, and research associate at Children’s Hospital in Boston. The Security Executive Council, a risk mitigation research and services organization for senior security and risk executives from corporations and government agencies responsible for corporate and/or IT security programs. In partnership with its research arm, the Security Leadership Research Institute, the Council is dedicated to developing tools that help lower the cost of security programs, making program development more efficient and establishing security as a recognized value center. Visit https://www.securityexecutivecouncil.com/about/spotlight.html?sid=26499.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Rebuilding Influence after Corporate Restructuring

Recent Articles by Bob Hayes

How Business and Risk Drivers Impact Mitigation Strategy

Coping with Changes to Company Leadership

Protecting People at Risk

Security Magazine

2020 September

Rebuilding Influence after Corporate Restructuring

Recent Articles by Bob Hayes

Related Articles

Report Abusive Comment