Home » Security Leadership » Career/Staffing

Bob Moore Knows How Not to Get Fired

Remember: Once you have a security leadership job, it's the little things that help you keep it.

June 01, 2003 — CSO — Nearly 30 years of experience and four jobs in corporate security, including his current post as executive director of global security at Merck, and not once has Moore been let go, laid off, fired or otherwise left to "pursue other interests," as the transparent euphemism goes.

He attributes his perfect record to the kinds of things you'll find in all the management and leadership books: honesty, confidence, good staffing, experience. But then he backs it up. He demonstrates how the dog wags the tail, not vice versa. He hasn't been fired, in part, because of his credibility. Sounds nice. But then Moore explains in large block paragraphs how he gained credibility—by reporting to legal counsel, for one. And by creating global security policies in which the most detailed section is not on what employees can and cannot do, but on the ethical guidelines for his own security team.

"He is what I'd call the example of a CSO who's a leader and who will thrive," says Tracy Lenzner, CEO of the LenznerGroup, an executive recruitment company that places CSOs and CISOs.

Not all of you will be as lucky or as smart as Bob Moore. In fact, the reason we're writing this story now, right after you learned how to get hired, is because there is also an epidemic of security leader firings going on. That's especially true in the information security ranks. Companies such as Merrill Lynch and Fidelity have eschewed their information security officers. And R.A. Vernon, the CISO for Reuters America, was interviewed for this issue because of his wealth of experience and because he directly contributed to his company's revenue stream. Before we finished, he was let go.

The statistics show that most of you are not like Bob Moore. You are young in your job or the first to hold an executive security position at your company, or both (see charts from our exclusive survey results, Page 46). Many of you are fulfilling a vague dictum from the board to get serious about security because of 9/11, or because of the continuing flow of computer attacks, or because of war. There are plenty of reasons to create a security function. Generally, though, it's done without much notion of what the function should be (never mind a practical job description).

All of that combined with a penny-pinching economy, Lenzner says, makes many of you eminently fireable. If other executives perceive little or no valueor even negative valuefrom what you're doing, you'll be gone in a New York minute.