Issue link: https://securitytechnologyexecutive.epubxp.com/i/282968
www.SecurityInfoWatch.com f ever there was a business anthem for many of today's security leaders it's Bon Jovi's rock hit "Army of One". In a stressed corporate environ- ment where the constant mantra is do more with less, that sometimes means doing every- thing yourself. But as I heard at this month's Next Generation Security Leader Program hosted by the Security Executive Council (SEC) at the annual Great Conversation event in Seattle, being an army of one doesn't neces- sarily mean going it alone. While 24 percent of Fortune 500 companies have no in-house Chief Security Officer, there is usually a sin- gle point of contact in the organization that is entrusted to facilitate risk mitigation. The Army of One concept has become a business norm across many organizations. The economic crisis that enveloped the United States in 2008, which fueled more than $14 tril- lion in economic losses and created the highest unemployment rate since the Great Depression, forced organizations to rethink the way they went to business and retool their internal pro- cesses. Mark Lex, former CSO at Abbott Labs and currently a faculty member with the SEC, says that if you survived the economic downturn of 2008 through 2010 and are still with your current company, you have had to chart a new roadmap. He stresses that there are several key issues a down-sized security department and its leader must address to stay relevant. Chief among them is managing the "information glut" that can potentially overwhelm an executive. Providing concise metrics and updated dash- boards to the C-Suite is vital in keeping all par- ties informed and on task. He also maintains that today's security lead- er must anticipate the future as organizations endure contraction or embark on acquisitions. "This requires a nimbleness since change will alter how you run your department," Lex says. "Successful strategies will include driving risk ownership directly to the business. Do we assess the right risk and does management understand that risk?" Lex also challenges strapped security execu- tives to understand the total cost of running their departments and making sure there is alig nment with the organiz ation you are charged to secure. Leveraging external partners to achieve pro- gram objectives is a crucial element of success for any Army of One security leader explains William Plante, the former CSO of Symantec and now a consultant with the Aronson Security Group. "At the end of the day, you must be a visionary and share that vision with your com- pany." In a 2012 article in Bloomberg Businessweek, writers G. Michael Maddock and Raphael Louis Vitón dealt with Army of One concept, treating it more as a badge of honor than a curse. They wrote: "Think about a legendary innovation initia- tive your company undertook. Now think of the person who drove it. At some point you may have described him as a hero or a jackass. We are cer- tain you called him something: the project lead, the idea monkey, the ringleader, the champion, the dreamer, the idealist, the bully, the general. Where there is innovation, there is a warrior; there is an Army of One. There has to be, because without such a person nothing meaningful gets done. If you want to be associated with success, then align with, support, or be the creator." These words mirror how Bob Fahy approaches his realignment of security's role with the Kraft Foods Group. As its' director of corporate secu- rity, Fahy admits carrying the banner of depart- mental change and alignment is not easy, but it can be done. "You need to be strategic and not reactional. You want to be an influencer, not just a doer," says Fahy. "Make sure you have vetted your busi- ness partners and that they understand your vision and your mission!" ❚ "I'm in this war But got no gun Still standing strong An army of one So sign me up I'm a soldier" "Army of One" – Bon Jovi MY POINT OF VIEW By Steve Lasky, Editorial Director Is Your Security Department an Army of One? 6 SECURITY TECHNOLOGY EXECUTIVE • February/March 2014 I If you have any comments for Steve Lasky regarding this or any other security industry-related issue, please e-mail him at steve.lasky@cygnus.com. SECURITY TECHNOLOGY EXECUTIVE (USPS 009-826; ISSN 1946-8474 print; ISSN 2158-7078 on-line) is published five times per year: February/March, May/June, July/August, September/October and November/December by Cygnus Business Media, 1233 Janesville Avenue, Fort Atkinson, WI 53538. Periodicals postage paid at Fort Atkinson, WI and additional entry offices. POSTMASTER: Please send all change of address to SECURITY TECHNOLOGY EXECUTIVE, PO Box 3257, Northbrook, IL 60065-3257. Subscription Policy: Individual subscriptions are available without charge in the U.S. to qualified readers. Publisher reserves the right to reject nonqualified subscribers. One year subscription to nonqualified individuals: U.S. $35 One Year; $70 Two Years; Canada and Mexico $55 One Year; $100 Two Years; all other countries, payable in U.S. funds, drawn on U.S. bank.: $80 One Year; $150 Two Years. Single issues available (prepaid only), $10 each. Canadian GST #131910168. Canada Post PM40612608. Return Undeliverable Canadian Addresses to: SECURITY TECHNOLOGY EXECUTIVE, PO Box 25542, London, ON N6C 6B2. The opinions expressed by the authors and contributors to Security Technology Executive are not necessarily those of the editors or publisher. SECURITY TECHNOLOGY EXECUTIVE is published and copyrighted 2013 by Cygnus Business Media. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopy, recording or any information storage or retrieval system, without written permission from the publisher. The publisher reserves the right to accept or reject all editorial or advertising material. Publisher assumes no responsibility for return of unsolicited manuscripts or artwork. Printed in the U.S.A. STE_6-7_0314 Lasky Edit.indd 6 3/17/14 7:41 AM