Getting the attention of the C-suite
As security professionals, leaders, and those responsible for safeguarding the lives and property of our company or client it can be extremely difficult to gain the attention of the one group of people who can make the biggest difference in getting things done and appropriating money, The C-suite.
So how do you accomplish gaining their attention? Especially when most of the time they figure that security will only cost money instead of make and add it to the bottom line, so that it looks good for the investors? Good, not excellent, security costs money and resources. And being honest they would rather put that money into a different area of the business to help to gain market share or brand awareness or something similar. And it is all due to increasing the profitability and bottom line look for investors.
Even in today’s world filled with hatred from ISIS and other Muslim extremists, racial hate groups, and the myriad of other people who are offended by… (Fill in your cause or idea here). Fraud, theft, workplace violence both inside & outside the company), cyber hacking, & innumerable other issues are not, apparently, that important to them as the bottom line (not fully understanding that these do affect the bottom line).
So as security professionals, leaders, & those responsible if something goes wrong how do we convince them to spend the necessary financial resources we need to stay afloat and complete our duties effectively and efficiently as well as try to stay ahead of the ner’do wells that are out to hinder or cost us the business/money?
And by hindering our business or shutting us down, they cost the company money but also the livelihoods of everyone who works there, no matter how ‘horrible’ they may be for working there. And I really don’t think that any of us want that. And we especially don’t want to see our company leading the 6 O’clock news, do we?
I’ve always been someone who talks bluntly and directly. I rarely sugar coat anything to anyone, no matter how delicate it may be. From the fact they are being fired, body odor, or that they are doing things the wrong way i.e. managers, client contacts, and C-suiters. So I have to agree with a linked in post I read a few months ago.
Tell the C-suite, or whoever controls your purse strings, that they are or will be negligent if they don’t do these things you’re proposing. No sugar coating, they’re not frosted flakes, no delicacy, they’ also not slinky lingerie, or dancing around the truth, neither you nor they are Fred Astaire.
Just one lil caveat to add to this. Pick your battles carefully. You can’t go running to them for more money and say they’ll be negligent about every little issue that pops up. Items dealing with WPV, cyber security, information hacking, and all kinds of fraud. And that’s only 3 out of a gazillion other potential threats.
If you do get reckless and stupid and run to them with a request for every little pet project of yours, then they will begin to look at you and your department as not worth the money at all. And if this happens, they may also decide to say having security is such a pain they’ll eliminate the entire department and contract it out, despite the obvious dangers we know they willll then face.
I can tell you emphatically it’s not very nice to be called a Chicken Little and say the sky is falling and we have to do this and that. It’s also gratifying to hear, when something goes right, that you were right and they should have put more money into…
I’ve been there on both sides of it. If you’re act like and are called a Chicken Little, then they may not listen to anything you have to say or warn about, even if they’re drowning and you tell them they are in fact sucking their last breath. On the other hand being direct, blunt, honest, & up front with issues and threats can cause you to become a ‘go to star’ within the organization, which is also nice (besides being a pain in your backside, and theirs). But you have to ensure you don’t piss them off too badly or you’ll risk becoming a Chicken Little.
So, again, pick your battles carefully before going to the C-suite and telling them that they will be considered negligent if something happens. But by firing that bombshell across their bow, you may make them sit up and pay attention to you and their security program. And yes, it is their program, even if they won’t acknowledge that factoid. We, as security professionals, just run it and make it operate effectively and efficiently.
Once more I’ll ask you. Are you a Chicken Little or are you the ‘go to star of the company? If you can save the company money by avoiding risk or saving the company financial resources or embarrassment, then maybe…
Robert D. Sollars is a recognized expert on security issues, specifically WPV. He’s spent 32 years in the security field. Contact him at 480-251-5197 or Visit his Facebook page, http://www.facebook.com/oneistoomany
Here you will read about other items related to security & WPV issues. Or be a twitter follower at @robertsollars2.
I May be Blind but my Vision is Crystal Clear