Leadership Lessons: CSO Compass Awards 2008, Part Two

More leadership insight from the 2008 CSO Compass Award winners: Marco Fidanza, Jim Hutton and John McClurg.

Marco FidanzaDirector of Security, Takeda Pharmaceuticals

"On my internal team, I've got about 10 FTE security management folks, and we use an outsourced security provider for security operations. I emphasize projecting a professional image in deed and action. For instance, we don't use the word guard or say guard booth; we use the word checkpoint. We constantly strive to professionalize people on the operational side, from investigations all the way through. Our officers, no matter what level, we view as our team. They are our extended team, no matter what level they're at.

"What I struggle with and sometimes get flabbergasted at is the unprofessionalism I see in security providers. What I've seen is people not holding them accountable. You're trying to fight that lowest common denominator. I'll hear, 'Well, XYZ Co. doesn't ask us for KPIs; why do you need them?' So I need to be clear that it's our expectation.

"In the end, it's about relationships, holding people accountable and surrounding yourself with people who challenge you. While it might be comfortable to surround ourselves with people who think like us, in my view it's not healthy because you get a jaded or one-sided perspective."

Marco Fidanza joined Takeda Pharmaceuticals in 2001 with the mission of building the company's security function from scratch. The security department now encompasses brand protection, information protection, security operations, investigations and crisis management oversight.

Prior to Takeda, Fidanza was a manager of security investigations at Abbott Laboratories, where he was responsible for global company investigations. He began his career at United Airlines, starting as an internal auditor, responsible for operational audits at United's global locations. "I like to describe myself as a recovering auditor," he says. "It's where I cut my teeth on the area of fraud." He was later promoted to corporate security representative at United and was the first non-FBI person to work in the department. At that point, he made a complete transition into the security profession, working on employee investigations and fraud.

While at Takeda, Fidanza was a member of the team that constructed a new Takeda corporate campus in the Chicagoland area. He was instrumental in developing a state-of-the-art security master plan and architecture to protect and safeguard personnel and company assets. The campus was selected as "construction project of the year" in the Chicago real estate community.

Fidanza holds a business administration degree from Loyola University of Chicago and has previously been a CPA and a Certified Fraud Examiner.

Jim HuttonCSO and Director of Global Security, Procter & Gamble

"There was a huge cultural difference between the two companies. Gillette was engineering-based, focused, deliberate and quicker to make decisions. P&G is a marketing company whose culture is all about ideas and collaboration.

"It's all about confidence in your ability to understand the business or organization, and your confidence in your ability to develop and deliver solutions and be able to measure those solutions. Don't fall into the trap where security falls into the backseat and is told what to do. Go into the C suite and own the room. It really doesn't matter whether we're talking physical or cyber security.

"What does the business need from you? If they know they're being heard and listened to, you will gain momentum, and soon your phone starts ringing. It's almost a [sales] account rep mentality."

Jim Hutton became chief security officer and director of global security at Procter & Gamble in 2005, after P&G acquired Gillette, where he had served as vice president and CSO. He joined Gillette in 1993, serving in a variety of increasingly responsible security positions in the finance and administration areas. Today at P&G, he heads worldwide security direction and consultation for all business units.

Trained as a special education teacher, Hutton spent three years in that field before enrolling in law school. Midway through the process of obtaining his degree, he accepted a position at the U.S. Department of State's Bureau of Diplomatic Security, where he worked for 10 years. This agency is responsible for the protection of U.S. diplomatic personnel, information and facilities around the world. During his tenure there, he served as a special agent, watch officer and counterterrorism intelligence analyst, and received the Meritorious Honor Award in 1992. "They were all unique, building-block opportunities," he says. "They taught us everything, and I was grounded in a number of disciplines that continue to serve me well."

A native of Philadelphia, Hutton is a graduate of West Chester University, where he earned a BS in 1979. He is a member of the American Society for Industrial Security and earned the Certified Protection Professional designation in 1997. Hutton is also active in the International Security Management Association, on the Security Executive Council and on the Northeastern University Cooperative Education Employer Advisory Board. In 2003, he was invited by then-Secretary of State Colin Powell to participate in a leadership role in the Overseas Security Advisory Council (OSAC), a forum that provides security guidance to U.S. businesses abroad. He currently leads the OSAC Committee for Country Council Outreach.

John McClurgVice President and CSO of Global Security, Honeywell

"My [FBI] boss came out and yelled, 'Who here knows anything about Unix?' I grew up in Libya before the Six Day War, and I knew all about eunuchs. So when he came in, I didn't know why he was asking about eunuchs, but I raised my hand. He handed me a file and said, 'This is critical; we need to get right on it.' I opened up the file and didn't see anything about eunuchs in there. It was a serious misstep, but then again, the FBI at the time also didn't have anyone who knew anything about Unix, either. In the end, I reached out to Sun Microsystems, which gave me an engineer to help me through it. "The lesson is to embrace the improbable or the unknown. That day, there were literally people heading for the door when the boss asked who would take on this unknown opportunity. But the unknown can, in fact, work its way back around as our friend."

John McClurg serves as vice president and CSO of Honey­well's Global Security Organization. He is responsible for the strategic focus and tactical operations of Honeywell's internal global security services, both physical and cyber. He is also charged with advancing business continuity, seamlessly integrating Honeywell's security offerings and improving the effectiveness of security initiatives.

Before joining Honeywell, McClurg served as the vice president of global security at Lucent Technologies/Bell Laboratories and in the U.S. Intelligence Community; he was also a twice-decorated member of the FBI, where he held an assignment with the U.S. Department of Energy (DoE) as a branch chief charged with establishing a cyber-counterintelligence program within the DoE's newly created Office of Counterintelligence. Prior to the DoE post, McClurg served as a supervisory special agent within the FBI, assisting in the establishment of what is now known as the National Infrastructure Protection Center within the Department of Homeland Security. McClurg also served on assignment as a deputy branch chief with the CIA, helping to establish the Counterespionage Group. He was also a special agent for the FBI in the Los Angeles Field Office, where he implemented plans to protect critical U.S. technologies targeted for unlawful acquisition by foreign powers, and served on one of the nation's first Joint Terrorism Task Forces.

McClurg holds a JD degree from Brigham Young University, is a member of the Utah Bar Association, chairs the Awareness and Innovation Committee of the Overseas Security Advisory Council of the U.S. Department of State and sits on the FBI's Domestic Security Alliance Council. He also holds an MA in organizational behavior, BS and BA degrees in university studies and philosophy from Brigham Young, and advanced doctoral studies in philosophical hermeneutics at UNC- Chapel Hill and UCLA.

All in all, McClurg has spent 10 years in academia, 10 years in government and almost 12 years in the commercial sector. "Like a proud father, I love all those periods of my life," he says. "They've come together in a way that I can capitalize on the knowledge from each sector, which speaks to the richness of the environment I currently work in."

Related:

Copyright © 2008 IDG Communications, Inc.

How to choose a SIEM solution: 11 key features and considerations