Written by Robert D. Sollars
If you follow the logic of the military that has been in effect for centuries…YES, they are. Security professionals who have been, whether they want it or not, designated to protect the lives of everyone in the facility as well as the property of our organizations it can be extremely difficult to gain the attention of the one group of people who can make the biggest difference in getting things done and appropriating the necessary resources…The C-suite.
I have gotten questions from dozens of people in the field that are succinct “how do we accomplish gaining their attention and get the resources we need, especially when most of the time they figure that security only costs money and not add to the bottom line?”
Bad security is expensive and wasteful, good security is even more so.
Honestly, and with perfect bluntness as I normally am, the C-suite, investors, and others would rather put that money into a different area of the business to help to gain sales for market share, brand awareness or similar. It is all due to increasing the profitability and bottom line of the business…for the investors & appearances.
Even in today’s world filled with hatred from Muslim extremists, racial hate groups, and the myriad of other people who are offended by… (Fill in your cause or idea here). Fraud, theft, violence both inside & outside the organization, cyber hacking, & innumerable other issues are not, apparently, that important to them as the bottom line. They obviously don’t fully understand that these do affect it in ways that cost far more than security.
As security and others responsible for it, if something goes wrong how do we convince them to spend the necessary financial resources we need to stay afloat and complete our duties effectively and efficiently? Additionally, how do we stay ahead of the next threat that is always on the horizon, trying to take the organization’s profitability away?
These ner’ do wells want to hinder and cost us the organization, due to bankruptcy, or money. by hindering our organization or shutting us down, they cost the organization money but also the livelihoods of everyone who works there. And I really don’t think that any of us want that. And we especially don’t want to see our organization, no matter what it is, leading the 6 O’clock news because of a violent incident.
I’ve always been someone who talks bluntly and directly. I rarely sugar coat anything to anyone, no matter how delicate it may be, unless it’s a personal life matter not work. They are being fired, body odor, or that they are doing things the wrong way, such as managers, client contacts, and C-suiters.
Tell the C-suite, or whoever controls your purse strings, that they will be criminally negligent if they don’t do these things you’re proposing. No sugar coating, they’re not frosted flakes, no delicacy, they’ also not slinky lingerie, or dancing around the truth, neither you nor they are Fred Astaire or Ginger Rogers.
But you need to pick your battles carefully. You can’t go running to them for more money and say they’ll be negligent about every little issue that pops up. Items dealing with violence within the organization, cybersecurity, information hacking, and all kinds of fraud. And that’s only 4 out of a gazillion other potential threats.
If you do get reckless & stupid, by crying wolf and run to them with a request for every project of yours, no matter how wonderful and lifesaving it may be, then they could begin to look at you and your department as not worth the money, or time, at all. If this happens, they may also decide to say having security is such a pain they’ll eliminate the entire department and contract it out, where they have more control to limit the information they receive.
I can tell you emphatically it’s not very nice to be called a Chicken Little or Barney Fife to have said the sky is falling and we have to do this and that to prevent chaos, death, and financial loss. It’s also gratifying to hear when what you said is right on target, and they should have put more money into it…
I’ve been there on both sides of it. If you act like and are called a Chicken Little/Barney Fife, then they may not listen to anything you have to say or warn about, even if they’re drowning and you tell them they are in fact sucking their last breath. On the other hand, being direct, blunt, honest, & upfront with issues and threats can cause you to become a go-to star within the organization.
Telling them that they will, not possibly, be considered criminally negligent if something happens and they did nothing to recognize or prevent it, even plausible deniability, will save them. As the C-Suite, they are required to know what’s happening in their company, be they the CEO, COO, CFO, CTO, CSO, President, or any other title they have after their name.
By firing that disaster scenario across their bow, you may make them sit up and pay attention to you and their security program. Yes, it is their program, even if they won’t acknowledge that factoid, no plausible deniability to this. We, as those in charge of security, just run it and make it operate effectively and efficiently, as best as we can with what little we’re given sometimes.
The last note to leave you with, I’ll ask you. Are you a Chicken Little/Barney Fife or are you the go-to star of the company? If you can save the company money by avoiding risk, saving company financial resources, embarrassment on the 6 o’clock news, and the lives that would be lost or traumatized by an incident then…