If I want to attempt to “read the times” to help me navigate the risks and opportunities in front of me, I will not only want someone who is a thought leader in macroeconomics, but also a heart leader in the visible and invisible levers that must be mindfully pulled on my Path to Value™. This conversation is with such a leader. Harvard educated in business, with a passion and expertise in music, and a thoughtful student of human behavior… Anna Rathbun, Chief Investment Officer for CBIZ.
We use the touch point offered by Korn Ferry’s challenge to CEOs, to take ownership of their culture in their company and in their community., to offer the five learning tracks our community are using to have great conversations around ourselves, our people, our programs and our organizations. We start from the center; ourselves. And move outward knowing by faith, courage, and hope, we can help change the world.
We are rooted in our social conditioning. We only see the colors we were supposed to see. And each color has an implicit meaning known only to us… until it is exposed. All around us we are receiving data but unfortunately we miss the full picture way too often. Will you be the leader who sees clearly in the moment and be able to grasp the opportunity?
For leaders in the risk management and security industry, we feel we own the safety of our organization’s people and assets. That burden plays out in the intelligence we gather, the people we manage, the processes we measure, and the insights we must deliver to the executives who run the business. And one more thing… some of us have been doing this 24x7 our entire lives through agency work, the military, and law enforcement. Brian Cooke, a senior security executive for a major energy company explores what it means to have personal resilience.
Every speaker at The Great Conversation in Security on February 20-21 in Palm Beach, Florida, had me wanting more. I wanted to stretch to the next big growth area of my company, my team and myself. I wanted to get out of my own box and on to a much bigger life frame and purpose. So I wrote down a quick “Top Ten” list to see if it prompted any of the same from all of you.
When I train cops about operational empathy, I make the claim that empathy will save their lives more often than the gun on their hip. This is initially met with blank stares, because empathy is not a tangible tool or a defensive weapon. However, when we take the time to understand empathy and apply it to our work, it has a habit of turning into a superpower.
The same is true as corporate security leaders, whether we are talking about customer service at the uniformed security officer level, or if we are talking about influencing the decisions of the C suite.
Let’s define empathy. I like to keep it simple: “The ability to put yourself in another person’s shoes.” This means taking the time to look at an issue, an encounter, an experience, from someone else’s perspective. When we start to understand another person’s perspective and then adjust our approach to them, this is where the power of empathy can shine. So, what does this all mean in the context of security leadership? We have an opportunity to extend our native skills and competencies. A superpower, in this context, is a human trait taken to a much higher level.
For the purposes of brevity, I will focus on perhaps the most important core activity that contributes to empathy and the creation of a superpower in leadership: Asking Questions.
Ask the Right Questions at the Right Time:
If empathy is the practice of placing ourselves in someone else’s shoes, the most practical way to start is by asking questions! To help explain this, I will start out with one of my empathy failures (I have plenty of those!)
When I managed security for the Washington DC Metro system, I managed a team of special police officers, stationed at rail yards, bus depots, and office buildings. I was also charged with beefing up physical security. In one location, I spearheaded the effort to enhance the perimeter fencing around a rail yard, to deter people from being able to cut or climb the fence. This meant a much tighter and stronger metal mesh on the chain link fencing. Installation day arrived and it was a beautiful fence. It went all the way around the perimeter, and right up to the guard house near the front entrance to the property, where all vehicles and pedestrians entered. I was proud of my accomplishment.
I went to the guard house and asked the officer what he thought of the fence, assuming he would be grateful towards me and shower the fence with compliments. Instead, he looked uncomfortable and said begrudgingly, “The fence looks great, but now I can’t see cars as they enter the property.” Oops. The fence I had installed, had such tight mesh, and was installed at such an angle that the officer literally had no visibility of the front entrance of the rail yard. I stepped inside and stood in the exact position of the officer, and sure enough, I couldn’t see the driveway. All I could see was that beautiful tightly knit fence mesh. In this case, when I was planning the project, I made two major failures. Number one, I did not take the time to evaluate the impact of my decision from the perspective of the end user, in this case, the officer in the guard house. Number two, I failed to ask the right questions at the right time, of the right person. Had I practiced these basic building blocks of empathy; I could have mitigated the issues during the planning stage. I never tried to place myself in the shoes of the right person. A few basic questions of this officer would have prevented my mini disaster. In a broader security leadership context, we can easily see the relevance beyond operational physical security.
Imagine when it is time to implement a new travel security policy, or access control policy. Perhaps you are announcing a handful of countries that you’ve deemed “no-go” zones that are too “high risk” for travel. It is easy to benchmark with other security professionals and lean on your own security expertise for such decisions. However, if we don’t take the time to ask the right questions and listen to our stakeholders about the impacts of our plans, we run the risk of never finding the true solution to the problem at hand. Or worse yet, like my fence mistake, our solution produces a new problem. In the travel security example, what if one of your new “high risk” countries is the next emerging location for new market entry for your core business? Suddenly you are preventing your company’s executives from traveling to that exact country where they plan to do major business. How do you think that will be received?
When it comes time to make decisions that will have an impact on our stakeholders, it is crucial to activate our empathy muscle. Step inside the shoes of your stakeholders by asking them for feedback and seeking to understand how your actions will impact them. When you truly place yourself in their shoes, you will then be able to make a decision based on a holistic understanding of the problem you are trying to solve.
Burke Brownfeld is Director of Global Safety and Security for Visa Incorporated and is part of the 2020 faculty in The Great Conversation in Security in Palm Beach, Florida
The digital transformation of security is underway. There are many on ramps. But to start the journey demands you know what the highway looks like and the new measures of performance that will influence how your are valued over time. We have a number of conversations taking place in 2020. Each one very different, but, with a theme of leadership, innovation and change that will impact how your organization sees you and how you see your organization.
As leaders, we sometimes are so immersed in the day to day grind of running our programs we miss the strategic opportunities that will define our success or even our legacy. .Sometimes we need to make time for a conversation that can help us see and think more clearly. The Great Conversation is on a Path to four forums in 2020 that will feed your mind, possibly change your heart, and impact your performance.
Two CSOs. Two perspectives. Both in a Great Conversation on May 21, 2019 at The Great Conversation in Security™
Their interest and their passion? The future of the ‘art of security’
Garrett Petraia, Levi Strauss and Tyson Aiken, Nike, started their conversation with a simple logic statement.
·Art often refers to the past: the value of what has been accomplished.
· State of the art implies more of an active present tense or emergent standard of conduct.
· Should we refer to the Future of Art as the process we use to revise or disrupt a standard based on a new way of thinking?
For example, we all practice “Risk Management”. But the term itself is limiting. It is only one side of a coin. The other side represents the opportunities that would arise if we had knowledge of the risks and leveraged them. This is an opportunistic mindset our industry must adapt to if they are going to become true business advisors and leaders.
And for business leaders, this strategic intelligence might move them from business enablement to business acceleration.
Tyson asked us: “How do we get to that place?”
And both speakers suggested we need to hire more business talent and train them in risk principles. “We need to move from hiring a resume that fits our current ‘state of the art’, to hiring based on intellect and values”, said Garrett. “I cannot allow my lack of perspective and knowledge to blind me to the risks or the opportunities. I must hire to support my blind spots.
But they acknowledged that it is easier to hire for security subject matter expertise then it is to find business talent that wants to join the security industry. The talent pipelines from the government, intelligent community, the military and the law enforcement community are crowded. So, our search for diversity will be more difficult. But it is desperately needed.
As Garrett said we need to understand why people fail. It usually comes down to the culture and the degree of collaboration they can foster with the community; the value intersection of their wants and needs with your own.
And both agreed, we need to learn how to gather, analyze, and leverage data that will allow business leaders to better comprehend their own risks and their opportunities by collaborating with our people and programs.
And it just might start with re-writing our own job descriptions to better represent the future of our art.
Steven Antoine, one of our Great Conversation faculty, had an article posted on Enterprise Security that is well worth the read. Written by Steven Antoine, Director, Global Assets Protection, Yum! Brands we have provided a starting point for the article and a link to read it here.
With the digitization of business, security often finds itself in the familiar, yet uncomfortable space of being reactionary; again. GTRM and the security of data typically are found in bifurcated skill sets, CISO vs. CSO. With the evolution and internet of things, everything is more connected. In the restaurant space, for example, predictive and prevention techniques are being refined as apps and gift, and credit cards are now the focus of the digital criminal enterprise. Camera and alarm vulnerabilities have to be (re)addressed as savvy hackers seek to become more criminally creative and less physically confrontational. The development of new tools such as facial recognition and artificial intelligence and the availability on consumer data make it such that “Where there’s a will, there’s a way” is being acted out in ways that five years ago couldn’t have been anticipated.
Last week we profiled the keynote that Greg Creed, the CEO of Yum! Brands provided to the executive community in The Great Conversation in Security. As you remember, he talked about the power of culture and the necessity to create a self-correcting culture focused on the vision, mission and goals of the organization. Engagement is key. If fosters trust.
Understanding what you are engaged to do is critical. The “Why” of your work. To Greg, that means you need to be RED. Relevant, Easy and Distinctive. To the degree he can create a culture that is continuously moving in that direction, he believes they can be successful. Every security executive was asking themselves, how they could bring RED into their program.
We were also privileged to listen to a cross functional industry panel discussing the strategic imperative of of diversity. We brought members of Greg’s team together that came from different backgrounds and departments to understand how they defined diversity, leveraged it, and are creating a force multiplier in value generation as a result.
The executives included the following:
James Fripp
Chief Diversity and Inclusion Officer
Yum! Brands, Inc.
Erika Burkhardt
Vice President of Brand Protection
Pizza Hut LLC
Steven Antoine
Global Assets Protection Director
Yum! Brands, Inc.
We also included a medical doctor, Dr Robert Genzel, who had become the Chief Security Officer for Texas Motor Speedway, proving to all of us, that intelligent minds can absorb critical risk indicators and use their skills to create a strategy and a plan. Dr. Genzel is now providing services to the security community as CEO of Overwatch, a company dedicated to providing Medical, EMS, Fire and Security support services to Corporations, High Net-worth individuals and governmental agencies around the world. Through this experience he has become a sought-after speaker and consultant on Emergency Preparedness and Mass Casualty preparation and response for corporate campuses and large spectator venues. That would not have happened without a recognition that another perspective could be a game-changer.
The discussion was poignant. We walked away with a number of nuggets of wisdom that we believe can add to our leadership and our value.
Diversity is the foundation of ideation and innovation. By intentionally identifying, including and listening to people from different experiences, cultural backgrounds, and racial or gender identities, we have the opportunity to expand our imagination and sharpen our ideas.
Diversity demands empathy and care. If fostered, it strengthens the ties that bind us to one another.
Diversity opens our eyes. It is the enemy of scotomas; the dysfunctional blindness of ignorance.
Diversity leverages the differences in us. It does not fight them or critique them. It seeks to understand them.
So, as we left the conversation, each of us were thinking who is on my team and, more importantly, who is not. And what can I do about it?
When Greg Creed, the CEO of Yum! Brands addressed the Great Conversation community of senior risk, resilience and security executives on May 21, 2019, he left them with several take-aways that, if leveraged and implemented, may change the way our programs are designed, managed and measured.
One of his first remarks would put the rest of his time with us in perspective. He asked us whether we could find the key to the value of Yum! on his balance sheet.
Before we answered he shared some of Yum! Brands public information.
Yum! Brands performance has certainly been impressive.
Based in Louisville, Kentucky, they have over 48,000 restaurants in more than 145 countries and territories primarily operating the company’s restaurant brands – KFC, Pizza Hut and Taco Bell – global leaders of the chicken, pizza and Mexican-style food categories. Worldwide, the Yum! Brands system opens over eight new restaurants per day on average, making it a leader in global retail development. In 2018, Yum! Brands was named to the Dow Jones Sustainability North America Index and ranked among the top 100 Best Corporate Citizens by Corporate Responsibility Magazine. In 2019, Yum! Brands was named to the Bloomberg Gender-Equality Index for the second consecutive year.
The Great Conversation in Security was held in Plano, Texas at the Yum! Brands Center of Excellence. And Greg flew in for the forum.
“No”, Greg would answer his own question. “You will not find Yum! Brands key to corporate value on the balance sheet.” It could be culture, or reputation, or customer care or even the brands themselves. But all of those are overshadowed by the impact of engaged people creating the culture that results in outstanding business performance and brand.
How do you connect the business strategies to the people? According to Greg, they must care. To care they must understand the vision, mission and core values of the organization and how it applies to them. That creates trust.
Can trust be measured? Greg would say “Yes”. He has implemented a program that teaches his employees what it means to be at Yum! Brands, how it applies to them, and how it will be measured.
“Our strength is in how we recognize the uniqueness of each person at Yum! Brands” said Greg. “For a global company, this is critical. We cannot be devaluing one another according to our differences.”
Yum! has a 4-level measurement ranking system for every employee. It promotes a self-correcting culture. You may be first introduced to Yum! and/or the training and begin your assimilation into the culture. That would be a “Learner”. Grace is given. Mentoring is paramount. If you need more training or remediation, you would be “Lacking”. Once you get it and achieved a baseline of culture assimilation you would be “Living” the culture. And for those who go the extra mile, proactively, to advance the culture, the brand and the measures of performance that make the brand what it intends to be, they would be lauded as “Leaders”. Note, at Yum! leaders do not need a title.
With this cultural baseline, Greg has also created a strategy that energizes the culture, the franchisees, and the investors. He calls it “Being RED”.
RED is an acronym that strategically aligns the entire ecosystem.
R: is for Relevant. Whatever category you choose, is your value proposition relevant to your target audience?
E: is for Easy. Your offering should be intuitively easy to identify, access and purchase. Frictionless.
D: is for Distinctive. Your target audience should see you as highly differentiated. Your value proposition compelling. The Customer Experience outstanding.
With his cultural focus and his precise definition of how to create value, he helped the security executives in the room and their vendors imagine a path to value. A path that included their unique role in creating an engaged culture, that was safe and secure, and a shared understanding of their role in “Being RED”.
His final message was to ensure they understood their role in teaching the employees to be culture keepers of their own security and safety.
“We must instill a culture of trust. That is our strength. But it must be tempered with their ownership over the security and safety of our intellectual property, our people and our food safety process.”
The feedback we received underlined the need for more leadership lessons and perspective from the CEO in helping our community position their own organizations on a path to value.
I have been speaking with our faculty over the last few weeks and the conversations are taking on a level of urgency I have not seen in awhile.
We are an industry in transition. Many of us feel like we are trying to run in mud, but, for some of us, we are starting to see changes that will radically redefine our value proposition. Here are a few of the conversations I have recently had.
Today, two senior executives underlined the fact that vendors must wake up to the new reality of uberization. Our internal customers live in the age of plug and play. Facebook just works. Uber just works. The complexity is hidden from us. The “contract model” is front-loaded with a license fee and services. A new contract model must emerge that provides a shared risk model for delivery of outcomes (the customer experience).
We keep hearing of the intelligent building. But what is it and why do we need it? If we need it, what is the return on investment? What is security’s role in the strategy and execution of an intelligent building? Will this help us leverage a new and more compelling value proposition?
What is the role of communication in today’s security program? We tend to think in linear terms. But what if it was more dynamic, leveraging all forms of communication? How would that change the optimization of our people, processes and technology?
Is Loss Prevention becoming a powerful organizational example of convergence?
Is video surveillance a business tool and a risk tool?
Can security help an organization scale rapidly while mitigating risks?
Diversity is and is not what you think. Learn from a powerful panel of leaders on their experiences creating value over the differences.
Culture is at once a powerful weapon. It can be good, bad, even ugly, based on leadership casting a vision that can be intuitively grasped by the stakeholders.
All of these ideas can begin to contribute to a CEO’s conversation with their company, their board and their investors. We will pick the brain of a CEO who is in the process of doing just that.
Each of our faculty deeply believe that the conversation matters. Each expect to go back to their organizations with take-aways that make a difference. They are action-oriented and driven by the need to continuously advance their proficiency in creating organizational value and mitigating the risks to people, the business and the community.
As part of the discipline around The Great Conversation, we seek true case studies of our executive community. A case study to us communicates a problem or opportunity the executive is facing, how they mustered internal and external teams to assess it, and then how they approached rectifying it, including the performance measures that supported the effort. This can be thought provoking and meaningful to our community. How our peers are addressing issues may give us guidance on our own core processes.
After each case study, we like to have a technology discussion. There are two parts to this which can be very helpful. One is to understand how others are evaluating the technology against similar problems. Two is to understand the roadmap for the category. For example: How is the access control technology category evolving? What can we expect to see and how will it change the way we manage our future program?
Ewa Pigna, the CTO LenelS2, will represent the access control category for us this year. She will follow a case study by Jason Veiock, who leads a converged security team at GoDaddy.
We asked Ewa several questions before she meets with us on March 4 & 5 in Seattle.
I would love to share my perspective on the state of the security industry and specifically as it relates to access control. I also see it as a great opportunity to hear other industry professionals on this topic, interact with various security influencers and help to shape the future of the industry.
I hope to learn how existing solutions are applied to help customers solve real world problems, what gaps still exist that industry manufacturers can focus on, and how to better connect security to the overall business value.
My presentation touches on the Enterprise Security Platform, it’s current state, roadmap, future trends, and key points that end-users should be aware of when evaluating the state of their overall security risk management strategy.
The most common constraint I hear form end-users is how to justify security funding as part of the overall risk management budget. I believe that as we connect security and business processes together, we will be much more successful in opening up more funding for those types of projects.
End users are looking at various ways to overcome the funding obstacle. They are embracing multi-generational approach towards introduction of newer security models into their environments. They are also leveraging the solutions interoperability capabilities to drive greater business reward from security investments, and they are introducing more self-service capabilities to their users in order to drive increased productivity with their security staff.
