What Every CEO Should Understand

December 1, 2011

During the past year I have had the wonderful opportunity to meet and interview the best and brightest CSOs. Each was asked what every CEO should understand about security. Their ideas, advice and wisdom are shared with you in this month’s column. What should your CEO know? Share it with us at mccourtm@bnpmedia.com

“CEO’s should look at their security organizations as a business partner, innovator and contributor to overall goals. If they set their expectations in this manner, then they allow security to demonstrate its value in these terms.”

Tim Janes, Capital One

“Risk management and security are truly about contributing to the business. CEOs should understand that world-class security is another sign of a well-run operation and a selling point to attract and retain employees and investors. Risk management is critical to position the company for growth.

Jeff Larner, Peabody Energy

CEOs have come to understand that risks exist and the security programs to mitigate them are not optional. It is a cost of doing business. But done correctly, organizations gain a better understanding of their business processes and the ability to better control process and make them more effective.”

Bernadette Morris, Conair

“Today, CEO’s recognize that security brings value to the table and that there is an ROI. They see the return and have gained a respect and trust for the role. Important is that they understand what security can do for their organization and communicate it. That is often not understood but needs to be.”

Rick Fisher, CB&I

“Every CEO should understand the value of preparedness and consider the dynamics of human behavioral effectiveness for a successful and sustainable business in times of security and risk planning. Focusing a percent of resources on safety and security training and education reduces critical risks through both awareness for prevention and response to events.”

Dr. Krista Osborne, Starbucks

“Security is more of an art and less of a science. A good security leader should be able to translate the art into numbers and metrics, which make security a science. A security leader who does so understands their craft. And every CEO should recognize that security is its own skill set and profession and that it needs to be staffed accordingly. And they should expect their security organization to deliver value.”

Bryan Warren, Carolinas Health Care

“CEOs have also become knowledgeable about the necessity and value of security in their organizations. They recognize that they must set the tone and lead by example. There must be a commitment from senior managers, working in unison, to achieve the organizational goals of the institution. Further, that security cannot succeed without the partnerships that we develop and nurture with others. Also, we cannot function in a vacuum and must communicate effectively with all internal and external stakeholders.”

Domenic Ceccanecchio, Drexel University

“Every CEO should understand that they impact more than their own business, their actions and their company has a residual, downstream impact on their clients. Risk and security planning will heighten or lessen that impact. A key reason I love my job is that I enjoy knowing what we do makes a difference. Each day we do our job, we are protecting multiple, national economies and a way of life. Risks that can harm a business and its employees are managed for them. They are protected from them.”

Roland Cloutier, ADP

“Every Mayor should understand the huge, gray, positive impact security delivers. There is a profound comfort and freedom of employees to come to work or visitors to enjoy the city. Accessibility and the availability of our facilities have a direct impact on Toronto’s brand and financial health. There are unfortunately far-reaching negative effects of not having a balanced security program.”

Dwaine Nichol, city of Toronto

It is a challenge to execute new editorial thinking, new websites, redesigned eNewsletters and a world class Security 500 Conference in step with 12 great magazine issues in an unfriendly economy. As 2011 comes to a close, thanks to the entire Securitymagazine team for a great and rewarding year. I know it was not nearly as easy as you all made it look.

Here is wishing a secure holiday season to our readers, advertisers, partners and team.

Mark McCourt is the publisher of Security magazine.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Join our subject matter experts as they explore how the right systems can help identify, analyze and report potential incidents and help building owners sustain compliance and create safer spaces.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

What Every CEO Should Understand

Recent Articles by Mark McCourt

A New Year's Prediction: The Internet of Things Changes Everything

As Risks Expand, So Does Security's Responsibility

How the Security Evolution Turns to Prediction

John Dailey: Life Happens Here

Gary Gagnon: Unique-ness

Security Magazine

2020 September

What Every CEO Should Understand

Recent Articles by Mark McCourt

Related Articles

Related Products

Related Events

Report Abusive Comment