Growing and existing businesses need capable and effective regional and international leadership. Security and risk management is no exception. Regional security and risk management is less about the heights of subject matter expertise or ensuring standardisation across various business entities but more about being able to mentor and develop local business and security management, vendor management, develop strategies for emerging and likely threats to the business, injecting ‘business’ into the security management systems and empowering the business as a whole to think and act as a collective ‘resilient entity’.
Security is a “catch all” phrase for a myriad of independent but related disciplines. If you were to announce that your general manager was now the sole point of accountability and subject expertise for marketing, accounting, human resources, operations, legal, administration, compliance, training and all the other aspects of the business you would quickly loose the faith of investors, staff and clients….not to mention drive the individual into an early grave. However, when it comes to security, this is exactly what businesses and general management attempt to do in one way or another. Outsource service providers, contract compliance, policy creation, IT security, cyber security, CCTV, physical security, investigations, vendor management, intelligence….and the list goes on.
To expect or ‘shoe horn’ all this into a single appointment or lean department is a folly, and the results predictable.
Localisation has been and remains a common strategy within multinationals as a strategy for reduction of costs and increasing local employment ratios, eliminating expatriates in the process. This strategy has it’s highs and lows or comes back into favour as leadership and financial accountabilities change from time to time. Whilst it has been at times effective in other aspects of the business, it rarely results in a any positive benefit for the business if applied to regional/global security and risk management.
You can’t see what you can’t see….a fish doesn’t know its in water until you take it out!
A career exclusive to any one environment and terms of reference limits an individual’s range of experiences and options for identifying and managing business and operational demands. To overnight make them responsible for a variety of cultural influence, local nuances, inconsistent legal structures, competitive markets and legacy development issues is both unfair and illogical. Even with active and persistent mentoring, it takes time and direct responsibility before anyone born and bread within a local environment exclusively can assume a regional or global role within security effectively and deliver advanced, consistent and positive results. Sadly, this is lost on human resource departments and recruiters and both contribute to the ‘churn’ in regional and global security and risk management roles. Even worse, some companies have such disdain and negative experiences due to poor individuals, they never replace the incumbent or the simply down grade the role to that of middle management and strip any/all business responsibility from the role after they leave. This applies equally to western/european individuals that think they are naturally predisposed for the role of regional or global security/risk management. Ethnicity is no guarantee of success.
Business, business, business is the daily, weekly and monthly priority of regional and global security leaders. Understanding, improving, protecting and growing the business are all the strategic aims, delivered by the professional expertise and direct/indirect resources afforded the overall security and risk management strategy and objectives. An extensive knowledge and experience in a variety of industries and cross-functional disciplines is also highly recommended. Don’t mistake this emphasis and usual amateur mistake of focusing on ’cost cutting’.
There is only some much you can cut….real value comes from growing.
Individuals taking on regional/global security or risk management roles will either have to build their own team or join an existing one. Don’t confuse the two and ensure you have the right approach for the right circumstances. Building a team is a challenge, identifying talent, accepting limitations, building a development pathway all whilst protecting and supporting the business is a unique and lengthy process. Joining an existing team means you have to study the group, understand the culture, develop relationships with individuals and be mindful of the situation and paradigm you have inherited. Change is the true test of acceptance. The appetite, understanding, resistance and support will all
Watch one, do one….teach one!
Thanks to the advancements and enhancements of recent technologies, regional and global leaders are able to create, deliver and manage a far greater number of professions and business units than before, in addition to creating individual and tailored learning packages for their team members and direct/indirect subordinates. Not only does this maximise the time and efforts of the regional/global leaders but it significantly accelerates the learning and ascension/succession and resilience of the business.
Regional and global security or risk management has at times been seen as an elite pinnacle of the profession or acknowledgement that one has “made it”. Regrettably this is rarely the case, with too many appointed to the role without adequate pedigree and preparation or simply ‘marking time’ until their retirement…..or planning their next leap to the “next better offer”. If businesses and individuals measure their mark and legacy based on the business’ performance and growth, along with those in localised positions, rather than their own resume…..everyone, including the profession benefits significantly.
Neither talent without training nor training without talent will create the expert craftsman.