Former Sharper Image CEO Richard Thalheimer and his CSO talk about how a close reporting relationship helped them reduce fraud and prioritize risks during their years together.

How does a CSO earn the trust of his CEO? Keep the security department operating within its budget, focus on the biggest problems and keep the lines of communication open. Those are the key lessons Richard Thalheimer, founder and former CEO of Sharper Image, and his former CSO Joe Williams learned during the years they worked together at the retailer known for pricey gadgets.

Thalheimer left Sharper Image in September 2006 amidst sagging profits, and Williams left shortly thereafter. During their time together, however, they enjoyed one of corporate America’s most successful CEO/CSO partnerships–one that helped them reduce fraud and shrinkage and led to such mutual trust that the two, both pilots, now share a small airplane. Recently they spoke with CSO about how they used that relationship to shape security strategy and prioritize risks, and why their friendship is still going strong.

CSO: Which came first, your business relationship or your friendship?

Joe Williams, former CSO, Sharper Image: We didn’t know each other prior to working together. I started working for Sharper Image in 1985, and we began working more closely together over the years. At some point fairly early on, we started our direct reporting relationship. We became very close in the business aspect because of that. I think we both realized early that clear communication, going all the way to the top, was the best way to have the organization set up. That way, Richard knew exactly what was going on at his company in all areas, rather than having some things shielded. After that relationship developed, we realized we had a lot of common interests outside of that, whether it was flying, motorcycles or cars.

CSO: The two of you share a small plane; tell me about that.

Richard Thalheimer: It was originally a business thing: We had certain store locations that were difficult to get to on commercial jets, like Fresno, Calif., or Scottsdale, Ariz. We’ve had a couple different planes over the years, a Bonanza and a Cessna among them. It was easier to use our little plane to visit those stores. Those experiences made us closer too. When you fly around in a small plane that consists of four seats and a propeller, just by being in that space for hours at a time with someone, you become better acquaintances.

CSO: How did you prioritize the risks facing Sharper Image?

Williams: We evaluated risk based on where the biggest potential loss was. Credit card fraud was important to stay on top of daily. Shrinkage could also add up quickly. Retail loss prevention is much like Whack-a-mole. Problems pop up in one hole, and once you’ve solved that, it pops up somewhere else. That’s what you’re doing, especially when you have a lot of stores. One of the best things you can do is to prioritize what’s going on that day.

Thalheimer: In our business, we found that more losses occurred internally than from credit card fraud online. There is a temptation to embezzle products. A lot of our work was involved with managing and motivating our own people to not be tempted.

CSO: How did you make decisions about whether to report a crime or pursue a criminal? Richard, when did you expect Joe to call and tell you about a problem?

Thalheimer: It would depend on what it was or who it involved. If it involved customers or store personnel at a lower level, often I wouldn’t hear about it, particularly if the stock clerk was being arrested in Tennessee or something like that. But if it was some sort of fraud or embezzlement, I’d want to know that, because those are people that are either directly or indirectly reporting to me.
In general, seeing that the CSO is able to maintain his loyalty to the CEO and bring things to that person’s attention without any attempt to cover it up builds a much stronger bond over time.

CSO: Richard, was it ever hard to understand the ROI of security? Did you ever have a hard time understanding the reasoning behind a request for security funding?

Thalheimer: I don’t doubt every CEO goes through the process of evaluating their top management. But one observation about the way Joe ran the department is that it was always seemingly on a budget that was less than one might expect, rather than more. His department did not waste money. Once I recognized that personality trait of Joe’s, it was easy to have confidence that whatever expenditures they wanted to make were well worth it. They were usually under budget rather than over.

CSO: You had some great successes on the security front. In 2004, Sharper Image prevented $13 million in merchandise from leaving the company, and chargebacks for Internet and telephone orders were 0.33 percent, which is low for the industry. Do you think those things could have been achieved without the relationship the two of you have?

Williams: No, I don’t. Many people knew of my direct relationship with Richard and knew I had his support and backing, and it carried a lot of weight with my staff. So when I went to enforce a process or procedure, I always got what I needed from them, as far as performance goes.

Thalheimer: My message always was that I supported the security efforts, and I wouldn’t tolerate any manager’s non-responsiveness to those efforts. That message became very clear in our company. If it was important to Joe, it was important to me. As the CEO of Sharper Image for 30 years, I repeatedly gave the message that I was behind our security officer.

CSO: Richard, what did Joe do that you wish every CSO would do?

Thalheimer: He wasn’t afraid to bring anything to my attention.
The CEO needs to have the confidence that the CSO is pursuing good choices to prevent as many threats as possible. One of the ways he achieves that confidence is through communication.

CSO: And Joe, what did Richard do that you wish every CEO would do?

Williams: The main thing was that I had an open line to Richard. I knew what not to waste his time with and what to go to him on. That was the key to my success there.

CSO: What do you say to other CSOs who are struggling with their CEO relationship? How can they improve it?

Williams: The obvious one is that some companies tend to want to have the CSO report to someone other than the CEO. I don’t understand why you would ever want to put a filter between the top “police officer” in the company and the president. I would assume if the head of the FBI thought he had a serious problem he could call the President and tell him. The CSO also needs to be involved in more than just the security function. You have to be proactive about fixing problems even if it’s not directly related to your function. That makes you more valuable to the company and to the CEO.

CSO: If you had to choose one thing that helped make your relationship work, what would it be?

Williams: I could be totally honest with Richard about what was going on. It may not have been something he wanted to hear, or liked to hear, but he wanted to know what was going on. And I knew I didn’t have to worry about whether or not to tell him something. There was openness, both ways.

Thalheimer: Joe solves problems; he doesn’t create them. He is someone who can quickly communicate a problem, develop a strategy for solving it, and then carry through with that. That’s an individual characteristic of him, but it was key to what made our relationship work.

Associate Staff Writer Kate Walsh can be reached at kwalsh@cxo.com.