By Joe Davis, director of loss prevention for T-Mobile USA.
Having served in retail for 19 years, I’m not big on endorsing vendors or third-party products. The cardinal rule of showing complete objectivity when it comes to outside companies has been deeply engrained in me. Yet, I’m about to share with you rave reviews of the Wharton/ASIS Program for Security Executives: Making the Business Case for Security, which I recently attended. I am making this exception because in doing so, I believe there is enormous benefit to be gained by my peers. This course delivered such a new perspective and practical insights that I believe living by them can advance security in organizations to a whole new level. For my part, I feel as though I went from zero to Ivy League MBA in 10 days. So what exactly, you might ask, did I learn that was so valuable?
Not New Information, But A New Perspective
The program that I attended is the Wharton/ASIS Program for Security Executives: Making the Business Case for Security, or as I like to refer to it, Wharton’s Executive Bootcamp for Chief Security Officers. Like any executive business program, it is designed to lay a foundation for individuals in business who may not have a comprehensive understanding of all the different functional areas. As you would expect, the program is broken down into several different areas: strategic thinking, leadership, essentials of finance, fundamentals of marketing and a few more. My expectation was to walk in and learn an extensive amount of new information about the functional areas to which I am not typically exposed to in my career. Walking out, I realized that the greatest achievement was taking things that I already knew and refining my understanding of the application of these things into my business in a day-to-day process.
While the program is called, Wharton/ASIS Program for Security Executives: Making the Business Case for Security, there is absolutely no material on security presented. A clever approach by Wharton. Why would they need to teach security experts about security? What they want to do is teach security experts how to most successfully achieve their goals in the whole business environment. I did not necessarily learn new information; what I learned was how to look at my job from a new perspective. Think about the difference in climbing into a helicopter and taking an aerial tour of the Grand Canyon as opposed to experiencing it as a hiker at the bottom of the canyon. Let me tell you, the perspective is starkly different.
Here are some examples of insights I took away from the program that you can bring to your organization as well.
The Need To Define Strategy Differently
Think of how many different books and articles are written on strategy: what it is, how to define it, how to create it. At Wharton, they teach that the definition of strategy is simple: “A plan to win.” Too often, business executives focus on strategy as a process: A means to an end rather than the end itself. But strategy is ultimately about achieving outcomes. In security, that means reducing losses, expanding the revenue model, increasing sales, or any other number of enterprise business objectives. If you don’t infuse your team with the ultimate goal, strategy quickly digresses into the realm of implementing tactics, with focus lost on winning. We don’t want participation trophies, we want championship trophies.
Too often we are overcome with the process that may hold us captive. At Wharton they encourage the development and implementation of a sound business strategy, but, more importantly they stress the critical nature of defining what winning looks like to you and your business. In my business today winning is hitting key financial metrics as well as the overall protection of the assets of my company. Taking strategy out of the visionary realm and placing it into the tactile world of specific outcomes will drive ownership and accountability within your business.
Logic is not always the best tool
Security professionals have a tendency to respect logic above all else. After all, it’s essential to success in our own jobs. We have to follow a path of facts to their logical conclusion to identify and solve problems. And while logic is a critical tool in security, it is not always the best tool when working with other functional areas in the organization.
Sit down. This isn’t going to be easy. But sometimes you have to let go of logic and focus on relationships. While it might sound eerily like something off of the Oprah Winfrey show, it’s the truth. When it comes to getting buy-in from different groups or winning over skeptics to your way of thinking, logic is not necessarily the most effective tool. It is true for communities, families, businesses and any human network: people do things for people they know and like. Asking for a favor as a friend is likely to yield better, quicker results than trying to enforce action through formal channels. What does this mean for security professionals? Well, it means getting out and getting exposure to colleagues across the organization and interfacing with them on a regular basis. Often, security professionals limit their exposure to executive leadership and other functional areas unless it’s required by a specific project or event. This is often done in the name of efficiency. So when security needs or wants something, they are reduced to delivering dry arguments for action, which produce little enthusiasm and gain a paltry following. An investment in colleagues and relationships is an investment in your strategy.
Let’s say you want to change the way you are protecting a distribution center and want to increase guard coverage. Many times, a security professional will pull together a plan and give a list of reasons why additional guards are needed. But without relationships, the executives see you as a walking blank check. Knowing you personally, and the value you are adding, and what you are trying to accomplish for the organization, makes accepting your proposal much easier, a more personal affair.
How to Ask for Money
Our instructor for this session, John R. Percival, PhD is a professor of finance at Wharton. Dr. Percival provided some excellent case studies on building shareholder value within your business. His real life examples and engaging delivery had me more interested in Finance than I thought was actually possible. Asking for budget dollars in the security realm is a tedious annual process that is many times bane of a CSO’s existence. I learned that it’s easier to ask for funding if you can do it in a manner that drives value into your organization by delivering the message in the language of the finance team. Shift your focus from asking about financing for your project to telling how your project will positively impact financials. This is about communicating in the language of your audience. Instead of asking for money and justifying why it should be spent, position your projects in light of the value they will drive to the bottom line: the reduction in loss, the savings in personnel, the increase in time spent focusing on the customer.
Security is often pigeon-holed as a cost center, when in reality it can and should be marketed as a competitive advantage. Think about how security positively impact the business. For example, by mitigating risk, the company can deploy more stores in the market. By reducing shrink, the business can invest in growth initiatives. By streamlining operations to reduce loss, security improves efficiency and helps save labor costs. It’s easy for security professionals to focus on what’s inside their area instead of focusing on their true impact to the outside organization.
Prepare for Meetings
“Really?” you’re asking. “Prepare for meetings?” It seems obvious, but amidst the frantic pace of business today, think of how inefficient most meetings are. How many times have you been to a meeting at a set time and the only preparation time you have is the time it takes from you to walk from the last meeting into the next? The executive course really delves into the value of being prepared for meetings. The prepared person is more effective at gaining their expected outcome than the person with no agenda. It’s a small, seemingly unimportant concept, but the result of poor preparedness is simply that all your time spent in meetings gets thrown down the drain. When you think about how many meetings you have each week, that’s a significant loss.
In Conclusion: Escape out of the security silo
In short, the big lesson I learned was how to avoid getting caught up in the security silo and how to start viewing my work as a program that aligns with the company’s strategy. I know that what I am doing in security is helping the organization achieve its goals, but often I reduce my programs to tactical plans that I fail to communicate to others in the organization on a regular basis.
Security is its own animal. It’s not like sales or marketing and will not be treated like those things. In some ways, it’s the least understood function in the organization. Therefore, our job of explaining how security supports the overall strategy of the organization is much harder than it is for others. We have to look for points of integration as opposed to points of differentiation. The good news is that as security professionals, we have many strengths that we can leverage to better communicate our messages and objectives. We know people. We understand interviewing and picking up on body language and other clues. We can easily tell how people are responding to our interaction. Use this skill to guide you when presenting proposals and communicating with others.
The program’s academic director, Mario Moussa, told us, “Reality is a liquid, not a solid.” It’s the truth. In the security world, we pine for a firm foundation from which to work. We must learn to be willing to step into the liquid and immerse ourselves in the fluid reality in which business exists. We have to gain flexibility outside of the self assurance that we have developed in our specialty over the years and recognize that there is a different way to doing things. Failure to do so limits our success and that of our companies.
Joe Davis is a director of loss prevention for T-Mobile USA. He manages a team of corporate and field level investigators focused on enhancing profitability within the enterprise. Joe’s team is responsible for all internal and external operational improvement and investigative programs in the business. Since joining T-Mobile in 2008 Joe has designed and implemented numerous cutting edge programs from risk mitigation in the retail stores, to reducing operational expenses by $30MM.