• United States



by Shannon Macdonald

From Security as a Business Enabler

Apr 11, 20053 mins
Build AutomationCSO and CISO

Report from David Burrill's presentation at CSO Perspectives conference

I have a lot of empathy for our Executive Programs staff who plan these events. Specifically,I wonder how they manage to find the right speakers for the right time of day. Take the first session after lunch. Attendees come from a sun-drenched veranda into the main hall for an hour-long discussion. It better be good or there’ll be some serious snoozing. But David Burrill, CSO of British American Tobacco, had little trouble fending off his colleagues’ somnolence in his post-lunch session, Security as a Business Enabler.

“I’m conscious of the fact that I’ve drawn the after-lunch session,” Burrill, a Brit, joked. “Feel free to nap. However, if you snore, you’ll be evicted.”

Burrill delivered a high-level talk–laced with edgy humor, some of which was not a perfect fit for this forum (you’ll have to ask a colleague who was here)–about how BAT is organized for security and how he hopes that, even after he retires next year, the function will continue to grow. His goal: Have a BATCSO on the board within ten years, something that hasn’t happened yet, he says, because he has not successfully convinced his bosses that he’s worthy.

Burrill is overly self-critical that way. “I’m never satisfied with anything I do. Never ever,” he said. In fact, he’s been extremely successful at BAT’s CSO, managing a huge, well-organized security function that includes 85 security managers and many more staff. He shared the company’s security structure and its transformation with the attendees.

His philosophy, Burrill says, was “born in 1992,” when he left the British Army (military intelligence) and joined British American Tobacco. It “came of age in 1998” and it was “fully recognized” in 2003, right about the time that his boss, the Legal Director, became the “Legal & Security Director.” Finally, security had a seat on the board. Next, he hopes the CSO gets one. Burrill also related some useful tactical experiences. In 2002, security at BAT went under an audit, the biggest audit of any function at BAT ever, and came out with some impressive metrics. One in particular stood out: For every $2 spent on securitythe company avoided $1 of loss from theft and other crime.

Burrill’s energy and his enthusiasm for the security profession were evident from the beginning. So was his ambition. He summed up his philosophy this way: Corporate Security is to companies what national security is to nations.