Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Security Enterprise ServicesSecurity Leadership and ManagementPhysical SecurityCybersecurity News

The first 90 days of a Chief Security Officer

New Chief Security Officers who approach the role with a strong focus on understanding organizational culture for the first 90 days are likely to enjoy success. Here, CSOs provide advice on how to start off on the right foot.

By Maria Henriquez
SEC0721-CSO-Feat-slide1_900px

PeopleImages / E+ via Getty Images

SEC0721-CSO-slide2_900px

Will you demonstrate an inspiring vision and a sound, effective strategy and lead your team toward success by capitalizing on their talents and strengths?

Adam S. Lee, VP and CSO, Dominion Energy. Image courtesy of Lee

SEC0721-CSO-slide3_900px

Within the first 90 minutes, commit to diversity, equity, a just culture, and a policy of ‘zero incidents’ — not ‘zero tolerance.’

Jim Sawyer, CPP, CHPA, Director of Security Services, Seattle Children’s Hospital. Image courtesy of Sawyer

SEC0721-CSO-slide4_900px

We need to keep organizational culture healthy and productive, as an ineffective culture can not only bring down leadership, but negatively impact the bottom line.

Amy Lyons, Head of Corporate Security and CSO, Bristol-Myers Squibb. Image courtesy of Lyons

SEC0721-CSO-slide5_900px

When you take the time to learn the organization and its culture, you’ll have a better chance of surviving it.

Steven Antoine, Chief Security Officer for Yum! Brands Inc. Image courtesy of Antoine

SEC0721-CSO-Feat-slide1_900px
SEC0721-CSO-slide2_900px
SEC0721-CSO-slide3_900px
SEC0721-CSO-slide4_900px
SEC0721-CSO-slide5_900px
July 9, 2021

Congratulations! You’ve climbed the ranks of a security department and have started a new role as the Chief Security Officer (CSO). And, as excited as you may be about the new role you are taking on, you’re probably just as nervous and stressed about how you will navigate your new organization, manage its culture, build trusting relationships, and deliver on the expectations set by the organization.

While every new CSO faces unique challenges based on the organization’s mission and its security posture, the focus remains the same for every new CSO: ensure that their organization's security function adds value and gives it a competitive advantage. Your first 90 days as a CSO lay the ground foundation for this focus, and ultimately, determine your success in the new position.

Here, the following security leaders discuss how a new CSO can approach his or her new role in the first three months for maximum effectiveness:


- Adam S. Lee is Dominion Energy’s vice president and chief security officer. He directs the development and implementation of corporate security strategy and policies which protect the company’s physical and cyber assets, valued at over $100 billion and spanning 20 states.

- Jim Sawyer, CPP, CHPA, is Director of Security Services for Seattle Children’s Hospital – a position that he has held since 1975. At Seattle Children’s Sawyer plans, implements and evaluates the overall strategy and related plans to ensure a safe and secure environment for patients, families, visitors and employees with an emphasis on prevention.

- Amy Lyons is the Head of Corporate Security and CSO for Bristol-Myers Squibb. Lyons leads enterprise wide security programs to address emerging threats in today’s complex business environment impacting patient safety and to safeguard the company’s assets, people and most sensitive information.

- Steven Antoine is Chief Security Officer for Yum! Brands Inc. Antoine is responsible for leading Yum! Brands’ life safety, duty of care, executive protection, employee travel and physical security strategies globally; and for helping to educate, advise and support franchisee owners and operators to improve their capabilities in this space in an ever-changing marketplace.

 

Security: What are the critical focuses for a CSO during the first 90 days?

Lee: For a new CSO who has just promoted into the role, transitioned from government, or who is entering the role from another non-security field, the first 90 days can be daunting; it’s easy to lose focus. Of course, you must assess the capabilities of the security organization you now lead, take an inventory of its security-related capabilities, and establish an understanding of how the security organization interacts with the larger corporate enterprise. You mustn’t lose focus on the nature of the executive leadership role – your team will be watching you from the day you arrive to see what impact you will have on their professional lives; will you demonstrate an inspiring vision and a sound, effective strategy and lead your team toward success by capitalizing on their talents and strengths? Will you rely on your own talents and strengths and lead through command and control? Stay focused on being an executive and lead through vision and strategy!

Sawyer: As a new CSO, encourage and advocate teamwork, collaboration, and open communication from day one. Communicate to all staff that you indeed have an open door policy for all staff. Within the first 90 minutes, commit to diversity, equity, a just culture, and a policy of ‘zero incidents’ — not ‘zero tolerance.’ As a new CSO, you must also advocate for a policy of comprehensive threat reporting from the outset. It’s critical to establish the best practice that all threats are reported without exception, to help maintain a safe and therapeutic work environment. As part of your comprehensive safety and prevention plan, promote a strong domestic violence support plan for all staff. It’s also important you meet and greet local law enforcement within your first 90 days.

Lyons: During the first 90 days, focus on understanding the organization’s business need, role expectations with management, senior stakeholders and your new staff. It’s important to start developing meaning relationships with new staff and conduct an assessment on their knowledge, skills, and abilities. Collecting team members inventory skills by talking to team members, holding one-on-one meetings and observing performance can help ensure employees’ goals are aligned with organizational and security goals. It is also critical to meet with your business partners, stakeholders, the C-suite, especially General Counsel, and all leaders within the organization. Being visible and known among all management, senior stakeholders and your new staff can help learn organizational structure and establish mutual agreement on expectations and role responsibilities. It can help you uncover the organization’s security posture and if it’s functioning at best performance.

Antoine: Within the first 90 days, spend time understanding the organization, what type of industry it operates in, and learn its organizational structure. When you take the time to learn the organization and its culture, you’ll have a better chance of surviving it. You also have to check in with your coaching structure because you need to establish priorities, to include a clear understanding around the organization’s priorities and opportunities for improvement. Next step is to create an actionable blueprint on how to achieve goals effectively. I recommend starting with easy-to-accomplish tasks or easy-to-solve problems, as opposed to efforts that are going to take longer investment, whether that’s time or money. Develop a strategy to prioritize which efforts to tackle first and what the deliverables are. Another important goal is to build relationships with all security staff, leadership and stakeholders. Listen, observe, learn and collect as much information to get a broad picture of what the organization is all about. This will help you increase your knowledge and awareness of the organization’s customers and business goals, and in turn, align your security program to support the vision of the organization.

 

Security: What’s your advice on how you get a handle on the culture and how the CSO role fits within their new organization?

Lee: Culture can, indeed, constrain strategy. It is important to understand the culture of your new organization and, sometimes, culture change can and should be an early part of your strategy. If the enterprise your organization is charged with securing involves significant risk – critical infrastructure, significant national asset, etc. – it is important to frame your interactions with your company’s board, top-echelon leadership, and your colleagues within the C-suite around security risk to the enterprise. If you aim small, your program will be considered small, your budget will be small, and your contribution to mitigating the most significant risks will be small. Of course, you must be proficient at responding to security incidents and other emergencies. Your program, however, must also manage the threats of corporate espionage and fraud, stock manipulation, theft of valuable trade secrets, active shooter and other major workplace violence issues, etc.; all of which pose significant security risk and liability exposure. An effective executive in the professional security discipline must have a strategic mindset, understand the threat picture, and maintain a global, holistic mindset.

Sawyer: During the first 90 days, it’s critical to learn the culture of the organization. Talk to all security staff and ensure you talk to staff outside of the security and support staff too. Visit the company after hours and on weekends, and talk to all staff again. It’s important to read the company mission statement and review how that is accepted internally. It’s also critical to ask for security reports from the past year, a recent CPTED review, a risk vulnerability assessment of the company and do a comprehensive physical assessment and focus on parking lots and perimeter areas. This can help you get a sense of the culture of the organization and assess its security posture and plan accordingly. When learning the culture, ask for an area crime demographics analysis, which can be invaluable. Quietly review the company weapons policy and bullying policy and find out the company position on cultural awareness, equity and diversity.

Lyons: It’s critical to fully understand the culture of the organization and how security fits into the organization’s ecosystem and how security can best serve the business too. I recommend conducting an initial assessment of the core function and responsibilities of corporate security, and evaluate how it helps protect the organization’s people, assets and reputation. To get a handle on the culture of your organization, talk to your team members and interface with leaders at all levels within the company to understand what the organization’s risks and threats are and to better understand how corporate security can be a value add, without being heavy-handed or restrictive. Collect feedback and encourage employee voice. We need to keep organizational culture healthy and productive, as an ineffective culture can not only bring down leadership, but negatively impact the bottom line. In the end, we are here to be business enablers, and help the organization accomplish its mission by identifying factors that could impact the business.

Antoine: As a new CSO and newcomer, you must engage in the social networks of the organization to make sure you learn the organizational culture. This is a crucial step in developing sound strategies that support enterprise objectives and goals. Invite your team and yourself to engage into programs that are not security related. Attend programs, business meetings, and spend some time investing in other corporate functions. When you invest in other people, they tend to invest in you. There, you will learn how they think and what’s important to them. In turn, this will help you determine how the CSO fits within the organization. We are not only security leaders, but business executives who are instrumental in developing an effective security program aligned to the organization’s business operations.

 

Security: What is your best advice for a CSO during the first few months?

Lee: There are tremendous resources out there for security professionals, even those at the executive level. Your time will be constrained by the ‘tyranny-of-the-urgent,’ but time spent leveraging the experience of others in the security space is worth it. You will likely have industry peers who are eager to benchmark with you and share thoughts and experiences. Reach out to them; get to know these people. Additionally, many sectors have government resources which can inform you and help you keep your eye on the strategic threat picture discussed earlier. The FBI’s Domestic Security Alliance Council (DSAC), the Department of Homeland Security’s Classified Intelligence Forum (CIF) and its Cybersecurity and Infrastructure Security Agency (CISA) for critical infrastructure enterprises, and the myriad state and local groups focused on security issues are invaluable for understanding the most significant threats to large commercial enterprises nationally and in your area.

Sawyer: As a new CSO, advocate and teach that security is an active-integrated department. Safety and security is everyone’s job and responsibility. Always keep in mind that security team members are, in fact, active partners with every organizational entity – it is not a siloed department removed from the organization but an active integrated work team that supports and partners with all staff.

Lyons: Listen, learn and ask a lot of questions. Consult internally within the company and network with other CSOs in the industry to learn from their experiences. This is very important because other executive leaders have significant security and business experience and can offer seasoned advice on how to add value to your organization. There is a wonderful network of CSOs that are happy to share their experiences and best practices with others. It’s also important to network internally – get to know and learn who your critical partners are, such as the Human Resources leader, the Chief Information Security Officer (CISO), and the leaders of compliance and ethics, manufacturing and all other partners who can help you learn about the organization and expand your risk and threat awareness.

Antoine: Ask a lot of questions, and invest in other functions. Engage with all business partners, stakeholders, and staff. Most CSOs know the security business already, but they need to learn the business that they support and the functions that they work with. A CSO’s priority will be not security-focused at the gate, it's going to be business-focused out of the gate. The better a CSO understands the partners they’re working with, the more effective they will be.

KEYWORDS: business value Chief Security Officer (CSO) culture organizational resilience physical security risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Maria Henriquez is a former Associate Editor of Security. She covered topics including cybersecurity and physical security, risk management and more.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • SEC1119-career-Feat-slide1_900px

    The First 90 Days of Your New Security Job

    See More
  • Security and Compliance Compensation report

    The salary of a Chief Security Officer

    See More
  • Money tree

    The salary of a Chief Security Officer

    See More
×
PeopleImages / E+ via Getty Images
Will you demonstrate an inspiring vision and a sound, effective strategy and lead your team toward success by capitalizing on their talents and strengths? Adam S. Lee, VP and CSO, Dominion Energy. Image courtesy of Lee
Within the first 90 minutes, commit to diversity, equity, a just culture, and a policy of ‘zero incidents’ — not ‘zero tolerance.’ Jim Sawyer, CPP, CHPA, Director of Security Services, Seattle Children’s Hospital. Image courtesy of Sawyer
We need to keep organizational culture healthy and productive, as an ineffective culture can not only bring down leadership, but negatively impact the bottom line. Amy Lyons, Head of Corporate Security and CSO, Bristol-Myers Squibb. Image courtesy of Lyons
When you take the time to learn the organization and its culture, you’ll have a better chance of surviving it. Steven Antoine, Chief Security Officer for Yum! Brands Inc. Image courtesy of Antoine

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!