Peer comments are most welcome!
Warrior Poets in Service to Philosopher Kings: Modeling Security Leadership
The general educational goals for my graduate program at Saint Mary’s University of Minnesota are to discern and nurture skills and techniques required for effective leadership, team building, and teaching; refine an awareness of my gifts, skills, and limitations in my discipline and other areas; and apply critical thinking and personal courage when addressing issues of culture, religion, ethics, decision-making, and personal freedom.
The goal of this, my last, independent study in my program was to prepare a paper describing a model for principled leadership in modern security organizations. The means applied are to integrate my Human Development program learning, my professional experience, and interviews of well-regarded professionals in the field; assemble a model for leadership in modern security organizations; and test the model with my professional peers.
Introduction
Not all days are good ones. I entered the Human Development program at Saint Mary’s University of Minnesota at a low ebb. In 2008, in the wake of personal tragedies and buffeted by professional disappointments, I wrote:
“I’ve been a warrior, sleuth, assassin, architect, teacher, friend, poet, foot soldier, lieutenant, harried executive, preventer, enabler, frustration, and inspiration. But the fates determine that companies and careers follow an arc, and some peak early. The last good fight a distant memory, I stand guard over the house-of-cards castles of bickering lords besotted by greed. Wearied by age, fatigue, and heartache, there is little to do but see that the men are fed, the horses groomed, and that the hounds – which have not hunted for far too long – are scratched behind the ears by someone who knows their plight. I fear I will never be more than a would-be warrior-poet to should-be philosopher-kings.” (Brady, 2010)
The Human Development program gave me the flexibility to study ethics, leadership, decision-making, team-building, and the nature of strongly held belief. I have used Saint Mary’s as a laboratory where I re-evaluated my perspective on my craft and reinvented my approach to my trade. To focus my efforts I chose a question which has haunted me for years, whether or not security professionals – either through deliberate action or negligent inaction – leverage fear to further their programs, especially since the terror attacks of September 11, 2001.
Security leadership is a specialized discipline occupying a unique niche in the business world. Leaders in our field must be developed using agreed upon principles, yet the trade lacks a well developed body of academic literature. Thus we borrow many of our developmental tools from other sectors. The security profession borrows predominantly from general business leadership research, as well it should. The security profession applies leadership lessons from military and law enforcement leadership traditions and history, as might be expected. There are, however, specific issues that make security unlike other business disciplines. The unrestrained growth of security technology and its impact on society cannot be effectively measured, accurately understood, efficiently applied, or appropriately regulated without leaders who are willing to examine the need for such tools with a critical eye. At Saint Mary’s I have encountered new methods to create more effective leaders and have found ways to apply them to the security trade.
The security industry needs professionals who are committed to advancing the interests of his or her enterprise rather than simply reacting to fear, acting as private police, or closing the sale. The security professional should make a contribution as an employee, a content professional, and a team member. He or she has a responsibility to act ethically when dealing with the public, employees, and executives. Executives deserve to know their security director is not blowing smoke, is keeping his or her eyes on the prize, and is on the right track. It is critical that the entire organization understands the principles which form the foundation of the security program.
Three themes have become central to my study of this craft. They are the concept of servant leadership, the art of team building, and application of critical thinking to security issues.
Be a Servant Leader
Serve your staff.
My organization chart is upside down. The box with my name in it is at the bottom. Above it are the names of my supervisors and shift leaders. Above their names are those of our security officers. It reminds me of my commitment to servant leadership. (Bodner, 2006) It makes my team members regard me with quizzical expressions. It has served as a conversation starter for chats with peer leaders in the organization. It is a simple yet demanding graphical representation of a powerful idea.
The concept of servant leadership has changed my personal, professional, and civic life forever. Thanks to Richard Leider (2006) I understand that I am responsible for helping my team members succeed. I support my supervisors, they support our staff, and our staff supports the thousands of the client’s employees we serve. I have a responsibility to prepare my officers to become supervisors and my supervisors to become managers. Any good parent will understand the concept. We support our families’ needs, hopes, and aspirations; they do not exist to support us.
There are other strengths to the servant leadership model. A commitment to serving our teams makes it easy to incorporate the power of diversity into our organizations. (Bolden, Gosling, Marturano, & Dennison, 2003) If we are in a service mindset, seeing to the success of women and minorities, Americans and new immigrants, team members with GEDs and those working on their PhDs, makes good sense. The servant leader finds it natural to engage in mentoring relationships, whether casual or structured.
Serve yourself.
In reinventing ourselves we make the hero’s journey, leave the familiar, seeking the prize, suffering hardship, and returning transformed. (Campbell, 1973) If we are going to break the molds, strike out on new paths, and create new opportunities there is another important individual to serve. Care for yourself. Self care contributes to the success of the team. It is not a selfish act. (Palmer, 2000) Do the work it takes to become and remain centered and whole. See to your health, both physical and emotional. Make time for daily reflection. Keep a journal. Start doing more of what you like and less of what you do not. (Csikszentmihalhyi, 1996) Businesses frequently spend much effort correcting our weaknesses. Perhaps increasing our opportunities to play to our strengths would be more productive. It would certainly be more enjoyable. (Lennick & Kiel, 2008)
Do not use just your head; use your heart and your gut. There are resources that will allow you to tap the benefits of left mode and right mode styles of attention; avail yourself of them. Get away from your desk. Move! Kinesthetic attention can take the form of sophisticated serious play or simple management by walking around. Creative leadership requires intuition and personal passion as much as mission statements, key performance indicators, policies, and procedures. There is great power if we can bring avocation and vocation – the personal and the professional – together. (Palus & Horth, 2002)
Serve the business.
In business I find the servant leader has a much easier time controlling his or her ego and is less affected by those of others. It is easier to focus on what we are trying to accomplish when we are not so busy defending our turf and protecting our ego. (Drury, 2004) It is easy to explain why we are committed to making sure the right things happen, strive to prevent negative events, engage everyone necessary to pursue regulatory compliance, and do what it takes to enable and support profitability.
The matrix management model, in which we are obliged to lead through inclusion, communication, and influence instead of hierarchal authority and the power of position, seems easier to navigate when I apply servant leadership ideals. When we have an entire matrix of relationships to work with we can find spots here and there across the organization where effective thinking about the role of security can be applied to the benefit of enterprise. (Bartlett, C. & Ghoshal, S. 1990) In turn, enterprise risk management, arguably the most highly developed security model currently in use, lends itself to both matrix management and servant leadership. In an enterprise risk management model we cast a broad net, involve a wide variety of stakeholders, and create synergies as we address a constellation of issues to protect persons, property, and business interests. (ASIS International CSO Roundtable, 2010).
Some of us are individual contributors, operating primarily at a technical level. Many of us are managers, usually operating at a political level. If we walk the talk, act in alignment with our core values, model integrity, become self-authorizing, and pursue our vision, we can become a transformational leader on behalf of our team, even the rest of the enterprise. (Quinn, 1996)
Serve your community.
Embrace the principle that you have an obligation to give back to the community that raised you and the profession that has developed you. Leaders have the ability to serve outside of specific job responsibilities. I serve my profession as a member of professional associations and by calling out less than critical thinking in conversation, at meetings, on forums, and on my blog. By making the time to engage in correspondence, networking, and debate on various social media tools we influence peer professionals we may never meet face to face. I have the pleasure of serving as an instructor at Saint Mary’s University of Minnesota in the Bachelor’s Degree completion program in Security Management. My program director models servant leadership in her support of my fellow instructors and me as we strive to promote the success of the students in our program. In the course of my Human Development program I have expanded my sense of responsibility to include our society at large. I have recently begun serving my community as an ESL and GED tutor.
Tom Peters (2010) tells us “Leaders don’t create followers, they create more leaders.” By modeling servant leadership as an element of a positive and progressive leadership style we show our teams, our peers, and our executives the sort of leadership professionals they too can become.
Build Strong Teams
There is a small handwritten plaque on my desk that reads, “Help create leaders worth following.” On the back it says, “Leading by example, use my experience, good will, integrity, and compassion to help new leaders create themselves.” As I discussed above, servant leaders make it their personal responsibility to develop their staff, the teams they serve on, and the company that employs them. There are basic developmental ideas that will be familiar to everyone. There are others that may take a little getting used to.
You will create a team dynamic whether you deliberately apply yourself to doing so or not. While competent security officers can be a critical element of a balanced security program they are sometimes misused – if not abused. Security staff should not be expected to perform a task that is done better – more effectively, or cheaper – more efficiently, by security barriers or electronics. Do not ask a man or woman to do a machine’s job. No guard is a match for a truck intent on ramming through a gate, but a ram-resistant barrier can be arranged to stop almost any wheeled vehicle. While guards were the original fire detection method, these days incipient fire detection systems can respond to stimuli humans simply cannot detect. The machines are there to expand the human’s reach, not the other way around.
Select a diverse team.
A lot of team building is pretty straightforward. Recruit broadly. Hire carefully. Pick the right people for each job; we do no one a favor by shoehorning an unqualified person into a position at which he or she will not be successful. Train them well. Integrate new members quickly into the existing team. Let them know they are only a radio call away from help. Reward questions. Keep everyone in the loop. Give them the tools they need to be successful. (Serrat, 2010) Technology has made this easier than ever, but all it takes is a chat or a phone call.
Seek out diversity. Cultivate it. Diversity is strength to leverage, not a problem to manage. (Prieto, & Phipps, 2009) Create a diverse team; variety is the spice of life and it generates great ideas to boot. I have had the pleasures, and the pains that arise from collaborating with all four generations currently in the workforce, those who won the Second World War , my fellow “Boomers,” “Generation X,” and the “Millennials.” Are there generational issues? Sure, and there are the rewards that come from drawing out the best from each group. Similarly, wise leaders in 21st century America enjoy the advantages that accrue to hiring employees who represent every continent on the globe. By opening yourself to diversity you will add entry-level employees to your team who have worldwide experience. You and your organization may also enjoy the collateral benefit of having persons on staff who speak languages other than English.
Develop thoroughly.
Tell your team there are no silver bullets, no miracle cures, and no one right answer to every security issue. Meet them where they are. Teach your staff to deploy a variety of detection and protection methods. The prehistoric human guarding the entrance to his clan's cave probably had fire to illuminate the area, piles of thorn bushes to provide additional physical barriers, a dog with much keener senses than his owner, and a handful of spears or a pile of rocks. When something or someone approached in the dark of night the human used his tools to assess the threat and responded appropriately from behind the safety of physical barriers. These days, competent security officers bring human curiosity, suspicion, and judgment to the scene and use the hardware and systems we provide them as force multipliers to accomplish the tasks we set out for them.
Encourage creativity in problem detection and problem solving. Look at opportunities from as many perspectives as you can find. Cultivate your curiosity and interest; encourage your team to do the same. Creativity occurs at the edge of our comfort zones. The further you get from your comfort zone the more ideas you will encounter. Surprise your people. Let them surprise you. (Csikszentmihalhyi, 1996)
Push decision-making as close to the work as possible. The principled leader will model the virtues of being inclusive and the value of deliberately seeking out divergent perspectives when problem-solving. Ask for your teams' advice; they know more about their task than you or the client. Involve them in problem identification exercises and - with proper support - let them design and implement the solution. Teach them the principles of continuous process improvement, reverse brainstorming, and how to ask the powerful questions. Introduce turbulence. Encourage loyal skepticism. (Palus & Horth, 2002) Teach them the truth of General George Patton’s dictum “If everyone is thinking alike then someone isn’t thinking.” Then let the team take the credit. As Lao Tsu recommended, let them be the ones who say “We did it!”
Care for your team under all conditions. Our officers need general and specific instructions to follow in the event of natural disaster. They are an integral part of the client's all hazards response capability. Ongoing training and drill are mandatory if our teams are to develop and maintain a sharp edge. Our responsibilities shift as we move from emergency response into disaster recovery and then to business continuity operations. In the event of community-wide disaster we may have officers whose families require their help even more than the client does. This was an issue for members of my teams after the Loma Prieta California earthquake in 1989 and in the aftermath of Hurricane Katrina in 2005. As managers we have a responsibility to get our people home to their families just as soon as the client is seen to, shift relief is arranged, and an emergency staffing plan is in place. In extreme cases, we may need to care for our officers until they are able to set out for home.
Develop and mentor staff and peers. Prepare your staff for their next job, whether or not it is on your team, at your account, or with your employer. Some of this development will take the form of structured learning. Reading, research, and study are the key. Model a love of life-long learning. There is no quick fix, no one book will do. There is a certification in the security profession called the ASIS International Certified Protection Professional, CPP for short (ASIS International, 2011). While there are others, it is the gold standard of board certifications in the security trade. The prerequisites are fairly strict, but I have long counseled aspiring security professionals to work their way through the CPP reading list, regardless of the time it will take to become eligible to sit for the exam. Another book has informed my practice for more than twenty years. It is the Oscar Newman classic, Creating Defensible Space (1972). The very idea that security professionals can shape the nature of our community – for good or ill – endows our trade with great power and imposes upon it great responsibility. Expose your team to new ideas, divergent thought, and tangential perspectives. There is no telling which idea will take root.
Patience, waiting without complaining, is a gift you can give to your leaders, your team, and yourself. People are not machines and should not be expected to respond like one. Change takes time. Creating new habits requires many repetitions. (Flaherty, 2005) Let your people grow by trying and failing and learning and retrying. In the course of your career you failed, were allowed to survive, and you learned from it; offer the same opportunity to every member of your team.
Celebrate success and correct failure.
Demand excellence, and reward it. Celebrate the team’s successes. Own the team’s mistakes. If one of your team takes heat for doing the job right, back his or her play, all the way to the boardroom if necessary. Develop a variety of recognition methods and learn which one is most appreciated by each member of your team; not everyone wants money, or a plaque, or to be praised in public – some may like all three. Insist that everyone pull their weight. Accepting mediocrity devalues and dishonors the contribution made by the hardworking members of the team. When a team member does not work out, move them along as quickly and humanely as possible. The rest of the team will appreciate your recognizing that a player was not cutting it.
Correct yourself. A wise vice president used to ask me two questions every couple of months, “What do you need more of from me? What do you need less of from me?” He did not always appreciate my answers but he never stopped asking.
Select good people. Cultivate diversity. Care for your team. Walk your talk. When your team knows you are personally invested in their long-term success they will move mountains for you, your employer, and your client.
Engage in Appropriate Influence
I have had the pleasure to know some excellent security managers over the years. I have met some bad ones too. There are great security ideas, and some pretty poor ones. There are fresh, productive ways to think about the contribution security can make to the bottom line, and some tired, traditional perspectives on the security trade that can derail a security program. Just as there are government organizations which rely on our personal, public, and professional fears to advance their agendas, some security professionals have made their careers deftly reacting to these fears instead of helping leaders decide if we should be afraid in the first place. Many in my trade, especially in the security hardware and services sector, are not averse to harnessing the tremendous power of “fear, uncertainty, and doubt” – “FUD” – in the service of meeting their service objectives. There are security professionals who are prone to believe the worst even in the face of statistics to the contrary. There are security professionals who resist requests of their business leaders to make a business case for their security programs.
Do not be an alarmist.
Do not scare people; not deliberately, not accidentally. Thanks to world events people are already scared; thanks to sensational news reporting people tend to remain scared (de Becker, 2002). When people are scared they frequently act without thinking. Our families, communities, and employers look to those in security profession for confidence in the face of troubling disorder.
The vulnerability of buildings to car bombs has been demonstrated time and again, at the Beirut barracks and embassies bombings in 1983, in the 1995 Oklahoma City bombing, at Khobar Towers in 1996, and the embassy attacks in Kenya and Tanzania in 1998. Then as now, principled security practitioners informed their clients that the best defense against explosives is standoff distance, the more the better. Regrettably there is little room to provide standoff in urban city centers. In the days following 9/11 many of us in the physical security trade were told to "do something...anything" to show employees and other constituents the client was serious about terror. In came the Jersey Walls, up went the bollards, and out came the M4 carbines. Then our civic leaders – perhaps more accurately, those persons in positions of authority – began to close the streets as though they might create green zones in the hearts of our great cities (Németh, 2010).
Much of the responses – and a large share of the over-reactions – to 9/11 were implemented by federal, state, and local governments, and then reinforced by the news media, but there are security businesses who seek to leverage fear and create a sense of urgency (Guardsmark, 2011). This tendency grew more prominent when the anthrax murders occurred in late 2001. Fear, anxiety, and urgency have sold a lot of hardware and services this past decade, which we purchased with money that might have been put to better balanced, more effective use elsewhere.
Alarmist language is used to sell security services, products, and programs. It may be the fault of the marketing team, but if we let the copy out the door we share responsibility for the message and its effects. I think it is both unethical and counterproductive. Not everyone agrees with me. I have peers who regard anything that moves their security program forward as a tool to be employed. (Brady, 2011d) This can come back to bite us. Successful executives do not rise to power because they are risk averse. If we manage to frighten a CEO he or she becomes an altogether unattractive leader. When we fail to scare them they regard us with well-earned disdain.
I recently had an email exchange with the writer of several magazine articles which extolled the virtues of safe rooms for executives at work (Brady, 2011b) and at home (Brady, 2011c), and for students at school (Brady, 2011d). The writer is the founder of a company that builds safe rooms. I expressed concern that the lurid examples chosen to strengthen his case frequently were not the sorts of crimes where a safe room would have helped. Many readers, potential clients, and even some security professionals, will trust the writer of such articles and not look any further into the background of the cases mentioned. Thus, I regard the inclusion of poor yet dreadful examples as alarmist.
The perception of security, or the lack thereof, is frequently mistaken for reality. The best of all worlds occurs when people feel secure and we can demonstrate their perception is reasonable. When we can demonstrate that persons are reasonably secure but they still feel unsafe we security practitioners have missed something – either a subtle concern or an opportunity to educate our clientele. When people feel secure but are not, we have misbehaved or failed to understand the challenge. Security sage, Bruce Schneier, coined the term “Security Theater” to describe measures implemented to create the perception that something is being done about a security concern, when in fact the display offers little or no real benefit. (Schneier, 2003) In some cases the theatrics are even counter-productive, causing actual security to decline. At the very least security theater costs money that might be spent to greater effect elsewhere.
As a citizen, neighbor, husband, and parent there are days when I regret that there is no shortage of security needs in our society. There is plenty of work to be done and I submit that most of it can be accomplished without resorting to alarmism and fear mongering. Working to create informed consumers who correctly take confidence in our responses and preparations is more rewarding than stoking the fires of fear.
Think critically.
There are others in our ranks who give in to the all too human tendency to agree with people who say things that reinforce views they already hold (Nickerson, 1998). The inverse of this perceptual filter is that we also tend to disregard and minimize ideas with which we disagree or which create cognitive dissonance (Carroll, 2011). I strive to remain aware of this risk in myself and call it out when I see it in others. Understanding the nature of strongly held belief is a study unto itself. In the mean time a partial preventative is to deliberately expose oneself to viewpoints that contradict our own. Listen to Rush Limbaugh sometime, or watch a Michael Moore documentary. It can be painful, but it may help you avoid believing that yours is the only good opinion on contentious matters.
On a recent thread at an online security forum there was a discussion of the specter of ever increasing workplace violence – especially active shooters engaging in workplace mass murder. The debate centered on whether or not arming security officers was likely to be an effective remedy (Nixon, 2010). At first I tried to explain that the workplace violence rate is at the lowest it has been since records were first collected in the early 1990s. I encountered strong resistance to these statistics (Bureau of Labor Statistics, 2011). Then I encountered strong resistance when making the point that vulnerability is not the same thing as a threat, and that threats do not in and of themselves constitute risks. Without education, and then insisting on precision in our language, we run the risk of conflating and confusing the terms vulnerability, threat, and risk (Johnston, 2010). Using the terms inconsistently in turn confuses our audience.
I thought there might be some detectable demographic differences between security professionals who hold strong opinions regarding the role of armed security personnel and armed citizens in reducing homicides at work, in houses of worship, or at school. I assembled a simple survey and invited a variety of my correspondents and peers to participate. Frankly, I expected the results would reinforce some of my presuppositions. They did not. (Brady, 2011a) What is more, the greatest surprise arose from the answers to two factual questions.
When asked the number of workplace violence murders committed each year in the U.S. 57% of respondents underestimated. Only one in ten (6%) professionals correctly answered the question. Nearly a third (32%) over-estimated the number! 15% of respondents admitted they did not know the answer. When asked the percentage of workplace violence murders in the U.S. committed by co-workers, former co-workers, clients, family, or friends of the victim 10% of respondents underestimated. Only one in 12 (8.0%) security practitioners correctly answered the question. Most significantly, four out of five (83%) private security professionals overestimated the percentage of workplace violence murders in the U.S. committed by co-workers, former co-workers, clients, family, or friends of the victim (Brady, 2011a).
Others who study the psychology of risk have explained this. We tend to overestimate the risk of encountering exotic hazards such as airplane disasters, and downplay the frequency of more mundane hazards such as car crashes (Schneier, 2003). Of the demographic traits collected none seemed to correlate with those in error or the few who got the right answers.
As I mentioned above, this was a crude instrument and I am no sort of statistician. The survey represents very small, self-selected sample. The opinions expressed were just that, opinions. But two fact-based questions were asked. The idea that self-selected security professionals with very strong opinions about the risk of workplace violence were unable to accurately describe the magnitude or nature of lethal workplace violence is striking. This may be the result of lack of access to, or awareness of, the available statistics. Or it may be the consequence of the very human tendency to get it wrong when we conflate our feelings about risk with actually thinking about the real numbers.
In subsequent comments some discussion group members persisted in ignoring information that challenged what seemed to be an article of faith, "There is no time to waste as we saw in the Columbine and Virginia Tech slayings. Waiting for police response did no good to the countless victims." Why do professionals who claim to have studied the incident in detail forget there was an armed school resource officer at Columbine that day? (Nixon, 2010) Cognitive dissonance is a powerful thing; we must all be careful of it. Without deliberately forcing ourselves to consider information at conflict with our presuppositions and worldviews we risk making important decisions while wearing blinders of our own making.
Influence the success of the enterprise
What are you trying to accomplish? As a young security supervisor I was once told by a fiery, entrepreneurial boss “Your job is make sure nothing happens!” That advice, coming from a man whose security philosophy was neatly summed up in one sentence, “You can’t have enough off-duty cops with shotguns!” did not sit well with me. In time, as I grew to understand my positive role in the business world, I realized that the other half of the security process was to “help make sure the right things do happen.”
Some self-described “old school” practitioners eschew data, statistics, and supporting details when applying security. They know what works and what does not. I have heard some say, “I can’t tell you what security is, but I’ll let you know when you’re getting it.” They prefer to assume a position of authority as high in the hierarchy as possible and then be left alone to catch bad guys, make cases, and reduce financial losses. They tend to be hand-picked men who come and go with the executive they report to. Some of them regard those of us who assemble a business case for a security program as either hobbled or feeble. (Townsend, 2011)
Failure to apply data-driven decision-making is not new. Back in the 1990s I attended a lecture by whichever federal drug czar was on that throne at the time. During the question and answers period he was asked why, since treatment was about as effective as enforcement, his administration did not pursue a two-pronged approach to reduce demand for illegal drugs while continuing to attack the supply? While he agreed that treatment was about as effective as his empire's war on drugs he said reducing demand was not his responsibility. He encouraged organizations interested in the treatment side of the equation to find their own funding. His surprising candor held the key. Is there any incentive for the myriad agencies waging the war on drugs to actually win? What would they do if they could declare victory?
Servant leadership can play a role in businesses seeking out new opportunities or choosing to remain in challenging markets. If we perceive our job as simply making sure that nothing bad happens we might just encourage our executives to move out of troubled neighborhoods where providing effective security is more challenging. If, on the other hand, we believe that our responsibilities include helping make sure the right things happen we might size our executives’ tolerance for some risk as we seek security solutions that allow the firm to remain in a difficult market.
An example came up in an online forum recently when a peer professional asked advice about providing security enhancements to a bank operating in a crime-ridden part of her city (Townsend, 2011). This particular bank had no plans to leave, but many choose not to operate in high crime areas. When banks close their doors they miss out on potential profits and the already under-served community would have one less customer-friendly alternative to pawn shops, pay day loans, and expensive check cashing services. The servant security leader might find a way to help a bank operate profitably, while providing a safe work environment and delivering important financial services to a community.
Can we invert these negatives impacts and imagine using progressive leadership techniques to deliver positive results? I think so. Less exotic examples can tell an important story too. Annual turnover in the guarding industry runs as high as 300% (Lynem, 2002), yet some guarding companies, such as the one I work for, have only a 30% annual turnover. There is real cash value in creating a work environment in which employees choose to stay with the company. Recruiting, training, and equipment expenses drop. Creating cohesive teams improves the employment experience and increases client satisfaction. Statistics such as these are welcome news in most boardrooms these days.
Moral intelligence has been described as the application of the universal human principles of integrity, responsibility, compassion, and forgiveness to your values, goals, and actions. Moral intelligence, our ability to be better people, makes us better leaders. It is also a competitive advantage that is difficult for the competition to duplicate. On the other hand, failure to act in accord with our values can do great harm to us, our teams, and our business. Strive to operate in alignment with who you are. Tell the truth. Keep your promises. Care for your team. Forgive their mistakes and your own. By modeling these behaviors your team will demonstrate them to others. If you do not share the morals and values of your company you should find another place to work. (Lennick & Kiel, 2008)
Many security leaders seek to align the security program with the interest of the business. We are tired of our discipline being seen as a cost center. These days the perception of effective security and risk management should be able to help some businesses differentiate themselves from the competition. Security professionals will always be on the lookout for ways to further the security interests of the organization in a cost-effective manner, but it would be much more rewarding to partner with the business units to actually enable growth and enhance profits. (Williams, 2011)
Conclusion
Security leadership professionals should be careful thinkers, discerning consumers of information, respected content experts, and – most of all – effective business partners. Principled leadership calls us to promote the security process through the pursuit of the business interest, organizational ethics, professional knowledge, and personal confidence. To do so, we can adopt a positive and progressive servant leadership style, pursue a life-long study of the art of team building, and engage in critical thinking when making important decisions that affect the emotional and physical well-being of those we protect.
The temptation to leverage fear, uncertainty, and doubt is a hazard every security professional – not just the boys from the old school – must be careful to avoid. Gratefully, slopping at that trough in the decade after 9/11 seems to have mostly run its course. Is being a business manager first and security leader second more work? Perhaps, as some of us have much to learn about that approach, but it can be more rewarding in the long run. Is leading by influence, having to address many cells in a matrix management model more work? Absolutely; welcome to the 21st century business world. We must find ways to forward the business interests of our employer or client, especially to enable new business. The days of security managers saying "I can't tell what security is, but I'll let you know when you're getting it" deserves to go the way of the dinosaurs.
An employee-centered, community-oriented, business-forward approach to security leadership is not always expected in the boardroom, and I regret that security professionals do not get as many chances to deliver that message as we ought to. (Carroll, 1991) This is partly the fault of our trade's old school approach of dispensing fear, uncertainty, and doubt to justify the traditional "make sure nothing bad happens" model. But a larger fraction of the challenge lies between the ears of executives at the C-level who live on the "What have you done for me this quarter?" hamster wheel commitment to ever increasing earnings per share.
Whether our leaders, or those of our clients, choose to recognize wider responsibilities is up to them, but the choice of whom we serve is ours. (Shleiffer, 2004) While those security practitioners who served in the police and military swore oaths to defend and uphold our constitution as they honored us with their service, we in the private sector are not bound by any oath. We are not mercenaries – selling our sword to the highest bidder – unless we choose to be. Perhaps we are a little like the feudal rōnin – masterless samurai seeking the time and place where we can do the most good while abiding by our ethical principles. Morally principled servant leadership can be terrifying and rewarding at the same time. You will need to go beyond the comfort of being the content expert. You will need to stretch past the talents that made you a good supervisor, an effective manager, or a successful consultant. Hone your skills. Develop your practice. Be attached to your organization by choice rather than fear. (Quinn, 1996) Be mindful of the power you wield, but serve your team, your organization, your profession, and your community from the heart as well as the head.
“Early morning
I pick up my Sword and BrushTo practice my skills” (Sekiguchi, 2009)
References
ASIS International CSO Roundtable. (2010). Enterprise security risk management: How great risks lead to great deeds. The CSO Roundtable of ASIS International: Alexandria, VA. Retrieved from http://www.asisonline.org/education/docs/CSORT_ESRM_whitepaper_2010-04.pdf
ASIS International. (2011). Certified Protection Professional. ASIS International. Retrieved from http://www.asisonline.org/certification/cpp/index.xml
Bartlett, C. & Ghoshal, S. (1990). Matrix management: Not a structure, a frame of mind. Harvard Business Review, July-August, 1990. Retrieved from http://hattonconcepts.com/media/papers/competitiveness/Matrix%20management%20Not%20a%20structure%20a%20frame%20of%20mind.pdf
Bodner, S. (2006). Servant leadership: The complexity of a simple idea. Pyramid ODI. Retrieved from http://www.pyramidodi.com/papers/servant.pdf
Bolden, R., Gosling, J., Marturano, A. & Dennison, P. (2003). A review of leadership theory and competency frameworks. Centre for Leadership Studies, University of Exeter. Retrieved from http://centres.exeter.ac.uk/cls/documents/mgmt_standards.pdf
Brady, M. (2010). Would-be warrior-poet to should-be philosopher-kings. Eclectic Breakfast. June 3, 2010. Retrieved from http://eclecticbreakfast.blogspot.com/2010/06/would-be-warrior-poet-to-should-be.html
Brady, M. (2011a). Private security attitudes about the role of weapons in preventing workplace violence II. Eclectic Breakfast. Retrieved from http://eclecticbreakfast.blogspot.com/2011/05/private-security-attitudes-about-role.html
Brady, M. (2011b). The bunker mentality. Eclectic Breakfast. July 1, 2011. Retrieved from http://eclecticbreakfast.blogspot.com/2011/07/bunker-mentality.html
Brady, M. (2011c). Again, with the bunkers. Eclectic Breakfast. July 23, 2011. Retrieved from http://eclecticbreakfast.blogspot.com/2011/07/again-with-bunkers.html
Brady. M. (2011d). Yet another pillbox. Eclectic Breakfast. August 1, 2011. Retrieved from http://eclecticbreakfast.blogspot.com/2011/08/yet-another-pillbox.html
Bureau of Labor Statistics (2011). Occupational homicides by selected characteristics, 1997-2009. United States Department of Labor, Bureau of Labor Statistics. Retrieved from http://www.bls.gov/iif/oshwc/cfoi/work_hom.pdf
Campbell, J. (1973). The hero with a thousand faces. Bollingen: Princeton, NJ.
Carroll, A. (1991). The pyramid of corporate social responsibility: Toward the moral management of organizational stakeholders. Business Horizons, 34(4), 39-48. Retrieved from http://www.cba.ua.edu/~aturner/MGT341/MGT341%20Readings/Pyramid.pdf
Carroll, R. (2011). Cognitive dissonance. The Skeptic’s Dictionary. Retrieved from http://www.skepdic.com/cognitivedissonance.html
Csikszentmihalhyi, M. (1996). Creativity: Flow and the psychology of discovery and invention. Harper Perennial: New York.
de Becker, G. (2002). Fear less: Real truth about risk, safety, and security in a time of terrorism. Little, Brown and Company: New York.
Drury, S. (2004). Employee perceptions of servant leadership: Comparisons by level and with job satisfaction and organizational commitment. Retrieved from http://www.olagroup.com/Images/mmDocument/Drury%20Dissertation%20Spring%2004.pdf
Fitzgerald, M. (2003). All over the map: Security org charts. CSOonline. Retrieved from http://www.csoonline.com/article/218166/all-over-the-map-security-org-charts
Flaherty, J. (2005). Coaching: Evoking excellence in others, 2nd Ed. Elsevier: Burlington, MA.
Guardsmark (2011). The time for urgency is now. Security Management. July 2011.
Johnston. R. (2010). Being vulnerable to the threat of confusing threats with vulnerabilities. Journal of Physical Security 4(2), 30‐34. Retrieved from http://jps.anl.gov/Volume4_iss2/Paper3-RGJohnston.pdf
Kahan, D. (2008). Cultural cognition as a conception of the cultural theory of risk. Handbook of Risk Theory. S. Roeser, (Ed.), Springer Publishing: New York. Retrieved from http://ssrn.com/abstract=1123807
Leider, R. (2006). The leader in midlife, in F. Hesselbein & M. Goldsmith, Jossey-Bass (Eds.), The Leader of the Future 2; Visions, Strategies, and Practices for the New Era. A Wiley Imprint: New York.
Lennick, D. & Kiel, F. (2008). Moral intelligence: Enhancing business performance & leadership success. Wharton School Publishing: Upper Saddle River, NJ.
Lynem, J. (2002). Guards call for higher wages, more training: Industry faces annual staff turnover rate of up to 300%. SFGate.com Retrieved from http://articles.sfgate.com/2002-08-22/business/17558265_1_security-officers-security-companies-two-other-security
Németh, J. (2010). Security in public space: an empirical assessment of three US cities. Environment and Planning A 2010, volume 42, pages 2487-2507 doi:10.1068/a4353 Retrieved from http://www.securecities.com/docs/Nemeth_EnvPlanA.pdf
Newman, O. (1996). Creating defensible space. U.S. Department of Housing and Urban Development Office of Policy Development and Research: Washington, DC. Retrieved from http://www.huduser.org/publications/pdf/def.pdf
Nickerson, R. (1998). Confirmation bias: A ubiquitous phenomenon in many guises, Review of General Psychology, 1998, Vol. 2, No. 2, 175-220. Retrieved from http://psy2.ucsd.edu/~mckenzie/nickersonConfirmationBias.pdf
Nixon, B. (2010). What are your thoughts about organizations employing armed security guards as an added measure of security to respond to active shooter workplace violence situations? Security Source Online. Retrieved from http://www.linkedin.com/groupItem?view=&gid=2068227&type=member&item=49179314&qid=c85b8bea-d522-49a5-8dee-31b5495ac8ab&trk=group_search_item_list-0-b-ttl&goback=.gmp_2068227
Parker, P. (1999). Let your life speak; listening for the voice of vacation. Jossey-Bass: San Francisco.
Peters, T. (2010). Leadership is confusing as hell. European Institute for Leadership. Retrieved from http://europeanleadership.com/wp-content/uploads/2010/11/Leadership-is-confusing-Tom-PETERS.pdf
Prieto, L. & Phipps, S. (2009). An exploration of leadership thought and an introduction to proactive leadership in the context of managing change and diversity. The Journal of Human Resource and Adult Learning, Vol. 5, Num. 1, June 2009. Retrieved from http://www.hraljournal.com/Page/8%20Leon%20C.%20Prieto.pdf
Quinn, R. (1996). Deep change: Discovering the leader within. Jossey-Bass: San Francisco.
Schneier, B. (2003). Beyond fear: Thinking sensibly about security in an uncertain world. Copernicus Books: New York.
Sekiguchi, K. (2009) Haiku number 1. Kenji Shodokai - Kenji Sekiguchi’s Japanese Calligraphy. June 29, 2009. Retrieved from http://kenjishodokai.com/?p=158
Serrat, O. (2010). Engaging staff in the workplace. Knowledge Management Center, Regional and Sustainable Development Department, Asian Development Bank. Retrieved from http://www.adb.org/documents/information/knowledge-solutions/engaging-staff-workplace.pdf
Shleiffer, A. (2004) Does Competition Destroy Ethical Behavior? AEA Papers and Proceedings, Vol. 94, No. 2, 414-418. Retrieved from http://www.economics.harvard.edu/faculty/shleifer/files/competition_ethics.pdf
Townsend, B. (2011). What are your recommendations for securing a small bank branch located in a dangerous, robbery prone area? Relocating is not an option at this point. Security Source Online. Retrieved from http://www.linkedin.com/groupItem?view=&gid=2068227&item=ANET%3AS%3A56928992&goback=.gmp_2068227&trk=NUS_RITM-title
Williams, R. (2011). What your CEO needs you to know: Creating value, efficiencies, and return on investment. Presented at the Secure360 conference, May 10, 2011.
Photo credit Sam Magraby Photos8.com.
Many, many, many thanks to my sister Kathy, and my friends Lisa and Landon, for pointing out a wealth of typos! If you're saying, "What typos?" the credit is theirs; if you find any errors the responsibility is mine alone. Thanks also to Jim, David, and Julie, the supportive souls who encouraged me to shape this paper to more closely represent my vision. As of 14 August 2011 this is a revised version which incorporates much of the feedback I have received from readers (especially Mike Dailey, a LinkedIn peer). Thank you all!
This is a great piece: thoughtful, well prepared and with a sense of introspection. Not many people will give their career path that much thought regardless of the environment.
ReplyDeleteSecurity (known by its many names) is a highly misunderstood field of expertise. However "everyone" knows it...just ask any executive.
I could never do justice with insight that is as deep and profound as you may be seeking so I will simply say these two things: Don't over analyze it and always (Always) keep family first. No one on their death bed said Gee, I wish I had spent more time at work.
Pat Murphy
Mike,
ReplyDeleteI don't claim to know anything about security, but I am proud to be the father of a man who does! The section about "servant leadership" makes all of the sense in the world - however many hard-nosed leaders will find it to be too soft. I hope you don't find yourself working with the military, top down, might-makes-right type of organization.
The anonymous writer just prior to my comments also shows a good sense of the human element.
Larry M. Brady
I enjoyed reading your paper. Many of us in the security industry have practiced the upside down organizational chart, rewarding excellence, caring for your team and walking your talk, etc. for many years and it is good to see that younger managers are in agreement with these solid practices. I do believe that our industry and so many other fields overuse and abuse statitical data.
ReplyDeleteMike,
ReplyDeleteIt is hard for some decision makers to see value in “security” if primary function is security is to prevent something bad from happening. Moreover when there is a budget crunch, it is easy for some decision makers to cut back on security because it is hard to see the value proposition of prevention.
Security must to be an enabler, not a preventer. I maintain (quoting from my resume, BTW), that:
“The purpose of Security is to enable an appropriate level of Availability, Integrity and Privacy for the services offered. Well-designed and maintained security is a Positive, not simply something that denies certain actions. It enables one to function well in the real world with your eyes wide open.”
Based on reading your article, I see that you would largely agree with that statement.
-- Landon Curt Noll ( http://www.isthe.com/chongo/index.html )
Mike,
ReplyDeleteFirst of all, allow me to say that I enjoyed your paper. You obviously have put forth a lot of research and thought into its development. You appear to have no problem with challenging the ‘norms’ of the security industry, based on many of your statements. I especially like your castigation of the fear mongering that is so prevalent.
In your introduction you have established quite a lofty goal for yourself, “The goal of this, my last independent, study in my program is to prepare a paper describing a model for principled leadership in modern security organizations”, especially in light of the fact that the security industry is wrought with questionable integrity and ethics among the owners, organizers and leaders. Some other points you made left an impression on me as well, i.e. security leadership is a specialized discipline; the trade lacks academic literature; and the requirement to deal ethically with employees, the public and executives.
The ‘Servant Leadership’ section was probably my favorite, because I practice many of the elements you so eloquently put forth. I find that there is strength in being a servant leader, rather than being an authoritarian. Reading through your thoughts in this section served to reinforce my comfort with this approach to leadership.
Although you made some interesting points regarding team building, I did not find anything especially new or innovative. Having read a number of books on team building, the basics building blocks are the basic building blocks. However, I did like the fact that you emphasized up front the importance of recruiting broadly; hiring carefully; picking the right people for the job; and training them well…I have always believed in round pegs in round holes.
I do take some exception to your arguments about diversity. Using diversity in hiring, merely for the sake of creating diversity doesn’t work. Employing a person who has difficulty understanding and speaking the English language creates an untenable hurdle and a potential liability. Culturally it can be a liability as well, because American customs are often misunderstood and may appear offensive or contemptible to others because of their ethnicity or religious beliefs. Although diversity can be an advantage in certain circumstance, it again becomes hiring round pegs for round holes. You might want to think about inserting clarification around your arguments about diversity.
The section on ‘Critical Thinking in Decision Making” was written pretty well. I believe you effectively pointed out the lack of critical thinking that often occurs within the security industry. You offer excellent insight, as well as offering sound advice about avoiding alarmism. Your concluding sentence in that paragraph, “Fear, anxiety, and urgency have sold a lot of hardware and services this past decade, which we purchased with money that might have been put to better, more balanced use, elsewhere”, astutely points out the fallacy that so many of our peers have embraced.
In you concluding comments, you have carefully defined the principles by which the security industry should be guided, as well as offering valuable insight toward developing a more effective blueprint for success. I believe you have successfully presented serious arguments that security professionals should contemplate as they move the industry forward in the twenty-first century.
In closing, please allow me to suggest that you have a good proof reader check your work. Although minor for the most part, there are some grammatical and punctuation errors that need to be corrected. And thank you for giving me the opportunity to read, review and comment on your work, I enjoyed it.
Mike Dailey
“The question, which has haunted me for years and guided my program, is whether or not security professionals have deliberately – either through action or inaction – made use of fear to further their programs, especially since the terror attacks of September 11, 2001.”
ReplyDeleteAt the federal level, it has been obvious to me that fear is a business [1] and it is a growth field. I was a “nationally recognized bioterrorism expert” in 2001-2003 and the Department of Health and Human Services used bioterrorism concerns to fund public health programs that would not have been funded otherwise. USDA made a similar attempt to use the 2003 BSE (mad cow disease) case to get funding for other animal health programs.
“Critical Thinking in Decision Making
There are security professionals who are prone to believe the worst even in the face of statistics to the contrary.”
The urge to worst-case it is very strong among decision-makers because the risk of sanctions for excessive caution is usually less than the risk of sanctions for insufficient caution. You can get them away from worst-casing by:
Pointing out that the likelihood of several adverse events occurring at the same time is much less than the likelihood of any one of them happening; and
Adding a large meteor strike, a strategic nuclear exchange, and an influenza pandemic to their worst-case scenario.
See Jonathan Barron’s Thinking and Deciding for discussion. Well written and well referenced. An unusual combination.
“Use of statistic(s) honestly”
Statistics are just another tool for developing and implementing policy. Generally, people who develop and implement policy do so because they find the work interesting, fun, and want their organization to succeed. Numbers create “Merely corroborative detail, intended to give artistic verisimilitude to an otherwise bald and unconvincing narrative.[2]” Sending the data to Guantanamo works up until you run into someone who knows what you did. At that point, your credibility is gone (what else are they lying about?) and it may be time for a career change.
“Try data-driven decision-making”
Like Mark Twain said of Christianity, this is a good idea that should be tried some time. My experience is that managers would like to use more data and be more objective, but most of the data they are given is poorly presented and is not useful or easily understandable. Managers are usually managing a lot of things, and do not have the leisure to obtain and analyze data. So they rely on Informed Professional Judgment (which works more often than you think), Professional Consensus (usually it is safer to be wrong with the herd), whatever information is easy to get (the drunk at the streetlight problem), or, if forced into it, staff studies/analysis/reports. The last category is the least used because it is the least usable.
Two other references—
Eichmann in Jerusalem: a report on the banality of evil. By Hannah Arendt. It is still relevant because he was just a middle manager (equivalent to a Lieutenant Colonel) who tried to do a good job (in a security organization!). However, his narrowly defined professional sense got him hung for his efforts. Sort of a book-length restatement of your last paragraph.
Pearl Harbor: Warning and Decision. By Roberta Wohlstetter. A classic in the field. Good support for your points about critical thinking, data-driven decision making, and organizational behavior. By the way, the CIA likes it as well.
Politics and the English Language. By George Orwell. Many of your comments about manipulative and inept language use were also discussed by Orwell in 1946.
[1] “Fear is a business” is the title of an SF story that Theodore Sturgeon wrote back in the fifties. The notion is not new.
[2] Lord Pooh-Bah, The Mikado (Gilbert & Sullivan)
Mike,
ReplyDeleteOverall it is quite an interesting and very well written paper. After being in this industry for over 35 years on both the proprietary and contract side of the street most of what you point out is still the same as it has been and will continue to be for oh so many years.
The industry runs on fears and always threatens the what if this happens scenario as a way of selling everything it gains. I for one don't see that changing anytime soon since it is how most security departments grow and without using some of these tactics I'm not sure they would ever be able to grow. Is that good or bad? I am not sure what the answer to that is. One thing is for sure with the billions and billions of dollars spent by the government each year for Homeland Security, what has really been prevented? I think that is hard to say because there have been attempts since 9/11 and many of them failed because of mistakes on their part. But from someone who came into this industry in the early 70's, I have seen dramatic changes and awareness programs at almost every company and I believe we as a whole have benefited from them.
The biggest problem to me facing this industry is the wages that are paid to the officers performing the actual hands on duties at many companies. Worse yet are the contractors who supply these officers at next to nothing wages and usually with little or no benefits. Why hasn't corporate America stood up and said how come that guard only makes 8.00 to 10.00 per hour? The contract industry only does what it's customers demand so the real problem is the same two sided approach that has always been there. How can the security officer who is going to be in the middle of an incident be making less than a 1/3 of the police officer who is going to respond to his/her call for assistance and why is this what the customer wants?
As for the management style you represent, good for you as I have always been one to believe that my officers made me, I didn't make them. Their views and comments on everything they do is so important to a 24/7 operation that many managers forget or simply don't care about there thoughts. But I for one like you, believe that they see and hear far more than I ever will.
For the years that I have known and worked with you I can say that you are one quality manager and the ultimate thinker. Kudos to you.
Joe
Michael,
ReplyDeleteCongratulations on your matriculation!
This is a vibrant call for perspective taking to each of us that does the work. Both of us have experienced our share of practitioners that have used FUD,and since the bulk of my time is spent in the violence risk assessment and management area, I see it the majority of my time. It is our job to help prevent the loss, but also to enhance the quality of a healthy, safe, environment that people live in. Critical thinking is a key component that needs to be expanded in our profession, as does an appreciation for a cross-disciplinary outlook. Security practitioners should be the renaissance business professionals of the age, familiar with all things and master of a few, as they are required to work in and protect all aspects of the enterprise. We should encourage every security person, regardless of station, to learn as much as they can about how it all works and works together, because and they grow and expand, the work is done better and more comprehensively, providing greater value and safety.
Michael,
ReplyDeleteThanks for sharing this. Very thoughtful and thought provoking. When should we expect the book? It's now time for case studies and success stories based on Servant Leadership, Team Building, and Critical Thinking in Decision Making. While you are working on the book, perhaps I could be your shadow - so much to learn!
Thanks again,
Mary Poquette
Michael,
ReplyDeleteI was quite impressed with your first rendition, but your rewrite is so much better…it is like comparing the starkness of night against the beauty of a brilliant sunrise. In your rewrite, you have successfully captured a subtleness that did not previously exist. I believe this is due in part to some reframing of your thoughts, as well as both renaming and adding to the ‘topic’ section titles. The information flows more comfortably and seems to be a more interesting ‘read’.
In your introduction you added, “At Saint Mary’s I have encountered new methods to create more effective leaders and have found ways to apply them to the security trade.” This statement lends not only to your credibility, but to your purpose and sets the stage for what is to follow.
Your addition of information about serving yourself is excellent. The information was not ‘self-serving’, but rather a recipe for taking care of yourself, which enables you to take care of others. There are several other examples throughout your writing where the addition of information has removed some of the controversy created in your original piece.
I like the fact that you created a ‘Conclusion’ section. In this section you have successfully stated what your conclusions are and what you believe needs to be pursued to make the security industry more credible, as well as more successful. I especially like your last sentence, “Be mindful of the power you wield, but serve your team, your organization, your profession and your community from the heart as well as the head.” It speaks to the need to be human, to have empathy and compassion and do the right thing, while applying reason, logic, education and common sense.
Again thank you for the opportunity to review your work, I feel privileged. Since you have presented this on your blog, would you have any objection if I were to share your work with my employees?
Mike Dailey
Hi Mike,
ReplyDeleteI read through your paper and found it to be a good integration of the literature. I can see the thoughtful effort you put into the writing of this paper. Your thoughts are carefully described and represent your interpretation and synthesis of the various authors you read. It also appears that some of the thoughts originate from your experience and approach to leadership as you've grown in role as a leader. On an academic level, you might want to increase the number of citations that informed your thoughts or declarative statements. It would be interesting, as well, to see some type of graphic organizer representative of your model. To see it displayed visually would help communicate the model in a concise and "quick" manner. Thanks for sharing your good work and asking for feedback. I wish you well as you near the end of your degree program!
Sue Hines