My cell phone rang late one night in the spring of 2008. The Chairman of a public company – and one of the wealthiest individuals in the world – introduced himself and said he’d been given my number by a highly trusted business advisor who described our firm as well positioned to provide insight into the type of executives best prepared to meet the security risk management responsibilities of a Chief Security Officer (CSO) on a world-class level.
The Hillard Heintze Solution
Over the course of that night’s discussion – and in the days that followed – this gentleman and I talked about his high-profile personal circumstances and work-related, global responsibilities and travels. He outlined his expectations and emphasized his need for a CSO with exceptional credentials. While he talked, I listened to his concerns and asked questions. As he answered, I filtered and compared his responses to my own experiences – as a senior security executive; as a mentor to direct reports tasked with comparable assignments, and as an advisor to organizations and entities seeking to establish programs with integrity following mission-critical failures in security leadership and functions. Quickly apparent – based on this leader’s wealth, position, political interests, global travel pattern, interaction with stakeholder communities and geopolitical point-of-view – was a significant need for a highly accomplished level of security leadership comparable to that protecting world leaders. Over the next few days, my team and I assembled a short list of six candidates with exceptional international credentials and, on a confidential basis, provided our new client with their resumes.
Impact on the Client’s Business
The client interviewed four of these individuals and hired one. Six years later, that CSO is still in place and, in fact, has been very successful in aggressively building out the best practices in security risk management necessary to support the world-class scope, capability and profile of the security risk function crucial to protecting this particular CEO and his ability to continue delivering high-performance public company results for shareholders worldwide.
Unplugged: The Project Manager’s Perspective
“It may be tempting to think that individuals with world-class credentials in security – such as those who have been entrusted with the personal protection of the U.S. President and his family – are naturally well suited to any protection assignment with high levels of security risk, for any given set of potential targets. That’s only true to a certain extent. Such an assumption risks overlooking other critical factors – such as the executive’s personality traits, lifestyle preferences and domain-specific expertise demonstrated over decades by award-level, peer-surpassing performance under pressure. Finding the right match for a high-profile position requires not just tapping an elite pool, but also personally understanding how each individual will act and react under many different circumstance.”
Two Key Take-Aways
1. Make Sure You Have the Right Executive-Level Security Leader in Place: When we conduct an independent assessment of a corporate security program, one of the priority areas we review is the depth and strength of their security leadership. You can “grow” a security program from the “bottom up” – and you should always place a premium on elevating in-house personnel, where appropriate. But if the organization needs to achieve a step change in the maturity of its program, or if complex challenges such as global integration and cultural change management are on the table, it may be critical to reach outside the organization for a leader with direct experience in the business and security environment that the organization is trying to achieve.
2. If You’re Planning to Achieve Significant Program Transformation Quickly, Then Support Your New CSO: It’s hard for new CSOs to hit the ground running – for three reasons. (1) They need time to learn about the organization, interview key managers and decision-makers to understand their expectations and set a particular course of action. (2) Sometimes that course of action highlights actions that may reflect the personal agenda of one or a few executive leaders, but are not necessarily based on a broader understanding of the security program’s most critical opportunities. (3) The existing team has its hands full meeting daily demands and tasks – and has little time for a new wave of strategic planning and strategy creation. (4) New CSOs typically are hired with a mandate to introduce change – not just give the company “more of the same.” And change requires not just a strategy, but new ideas and a layered approach to changing the culture and internal mindsets. What do we recommend? Commission an independent security assessment while the recruitment process is under way. Then have the findings emerging from this assessment translated into a crisp, actionable three-to-five year Security Strategy Blueprint. Do that – and your new CSO will be able to demonstrate results very quickly.
(What’s it like on the front line supporting the firm’s clients? What are the challenges the firm’s experts help senior business executives, general counsel, board members and other decision-makers address? Welcome to ACTION WEDNESDAY. Every Wednesday, the Front Line Blog publishes a new case study.)