Home » Security Leadership » Career/Staffing

Bob Moore Knows How Not to Get Fired

Remember: Once you have a security leadership job, it's the little things that help you keep it.

By Scott Berinato

Page 8

Beyond the empirical definition of humblethat is, the opposite of arrogantthere are three facets to how we're defining the term.

First, be affable. That comes from firsthand experience. The sheer niceness of some of the most successful security executives we've encountered during the first year of CSO's life has smashed our preconceptions. Those CSOs who aren't losing their jobs are disarmingly kind and accommodating. This trait extends to crisis situations too, where a calmness and unflappability in the face of a major incident is de rigueur (see "It's a Small World After All," at www.csoonline.com/printlinks). Lenzner calls it "approachable confident polish," and adds, "These guys hold themselves to a higher level of honesty and loyalty."

Second, cooperate with and rely on other CSOs. This hearkens back to loyalty: security executives honor the profession as much as they do their companies. It is a tight group, almost guildlike. "You pick up the phone and ask, What should I do?" says Wyeth's Coughlin. "Don't pretend you can do it yourself. Real-life experience is so important, and if you don't have it, someone you know will. The security issue transcends competition. We have to cooperate, I think, to a point that CFOs and lawyers would be huffy if they knew how close we were."

Kent of Genzyme talked to his peers around the block about a neighborhood security program as he helps secure a new world headquarters, even though many of those neighbors are direct competitors to Genzyme. Says Humphrey, "Crime itself recognizes no institutional boundaries, and therefore security should not. Good, successful CSOs can recognize the ability to work with colleagues at competitors without sharing proprietary information.

"I know of many situations wherehonesta CSO might end up with competitive intelligence. Say, a notebook. And without exception," Humphrey says, "he will call his colleague at the other company and say, 'This document belongs to you. Here's who's seen it. Nothing more will be done with it.' And they'll give it back. That's the kind of honor we're talking about."

Third, be patient. The problem with having a holistic vision of security, which CSOs by definition ought to have, is it sparks a human impulse to realize that vision now. All at once. That, in turn, will almost definitely alienate you from other executives. "Exercise patience," says Moore. "You can't push everything at once. You have to prioritize."

Moore says his own plan at Merck was a "five-year plan" and that complete buy-in of security as an executive-driven function took three and a half years. It's a virtue for a reason.