What is the future of convergence in security?
The word itself is erroneously used to describe a number of different job types or functions, therefore it is worth clarifying exactly what the term means in relationship to positions in the risk management sphere.
Convergence in security is not as simple as merging cyber or IT security with other risk management functions on an organisation chart. True convergence means the combination of all parts of risk and being fully integrated into the business. Rather than owning it all, it is having influence.
One convergence model would find the security executive functioning as a single point of accountability for all security risk strategies. Another might be a blend where some components are owned but other stakeholders are involved. A third might find the executive owning some areas and being actively involved in specific risk committees that address other components. In any of these scenarios you would find a mature programme whereby the security executives are highly influential with their corporate leadership team and board.
What will the security professional of the future look like in a true convergence scenario? What skill sets will they possess?
The competencies required to be successful in this environment are likely to be different to what has previously been sought, and a very relevant bellwether is the changing human capital landscape.
Historically the security profession has valued age and experience, with many practitioners entering the field after a full thirty-year career as a police professional, career soldier or intelligence officer. Security is perhaps one of the few occupations where a large number of people have consistently moved into what is a robust second career following their first. As a result, there are currently very experienced leaders in senior positions within many corporations, and they likely moved into those positions directly from public sector employment.
These demographics are changing, perhaps in unexpected ways. Companies continue to hire analysts straight from university, which infuses the practice with a younger workforce. Additionally, we are now seeing people leave the public sector after ten to fifteen years rather than remain there for what would have been thought of as a full career. This is a shift from what we’ve seen previously, and earlier departure from their first career means longer time in the second. This raises the challenge of career progression over a much longer timeframe than has historically been seen.
Is there growth on the horizon?
In order to further understand what this career path might look like, we recently conducted a survey amongst our client and candidate base, asking if they saw growth on the horizon within their own team. Overall it was a positive response, with the majority pointing toward some sort of expansion.
Some felt their businesses had positive growth and were profitable, and, as a result, the company was growing across the board to include the security functions. Other individuals felt their companies were perhaps not as successful, therefore their personal career growth would need to come from something other than increased size of the security staff that might result in more upward opportunity for themselves.
Several in these circumstances felt the need to venture further afield to potentially dangerous and more austere locations in order to broaden their experience and increase their compensation. They felt the risk to the business and its staff became greater due to the company’s location in these environs. Therefore, the need for a strong, agile security function was proportionally increased as were their opportunities.
Challenges functioning at strategic and executive levels
A resilient and capable security function will always be needed at the heart of international organisations in these circumstances. However, one observation we continually hear from clients is that, while professionally or technically knowledgeable, their staff members still have challenges functioning at strategic and executive levels. Overlooked but very critical in terms of skill sets for success in a converged environment are the soft skills, competencies, business acumen and executive skills.
We recently polled a substantial number of international security executives whose salary levels are considered higher end, and asked them to rank competencies in order of importance. This global cohort consistently ranked business acumen within the top five. This lends credence to the concept that security executives of the future require a clear understanding of the level of influence they will be expected to wield.
Security professionals who hope to advance within a longer-term, second career with a corporation will be wise to explore more creative ways to enhance their skills sets and develop their marketability. Rather than focusing on a linear career path, broadening exposure and progressing careers cross-functionally could become the norm.
Corporate hiring practices are changing to accommodate this expanded view of the future security executive. Hiring processes have lengthened with the number of participatory interested parties and stakeholders increasing. Country Managers, Chief Financial Officers and Chief Executive Officers have all played significant parts in the decision making for projects we have recently completed.
The future for security professionals is bright indeed, and requires well-educated, experienced individuals focused on a long-term career. Is the corporate security world enough of a challenge to take someone through a 25-year second career? The continued evolution of converged roles will play their part in development and growth of our most talented security professionals.
James Butler
Managing Director, Security Management Resources Ltd.
