For two decades, the SEC has stood at the forefront of corporate security excellence. Drawing on the deep experience of our emeritus faculty—seasoned leaders who once shaped security strategies for major organizations—and our dedicated staff, we share insights forged in real-world challenges.
The Power of Principle Over Pressure
Insight From
Chris Schaffer
It was a beautiful evening offshore, and I was the Boarding Team Leader, and senior Petty Officer onboard, age 23. We received two simultaneous radio calls, one for SAR (Search and Rescue) and one for LE (Law Enforcement). The first was a group of migrants reported floating on a raft offshore, and the second, a “high-level” intelligence source placing a load of cocaine on a yacht leaving the local harbor. The next call was from (omitted) ordering me to find and board the boat with the cocaine. I reminded (omitted, who vastly outranked me) that life safety always came first, and was again ordered to break contact from our search and go after the cocaine. I refused and tracked our search toward the raft. Eventually, just at sunset, we found the raft…which in and of itself was a small miracle, the migrants had abandoned their raft and swam to shore. We did not know if everyone made it, but we were relieved at least some did.
The next morning, I was summoned to the COs office, and received an extraordinary dressing-down, that the entire crew must have heard. We have a 1 to 7 rating system in the Coast Guard, and I was told I should receive a 1 in judgement, and a 7 for humanitarianism. At age 23, what possessed me to say, “Sir, a 1 and 7 equals 8. If you divide by two, it’s a 4 and so I’m at least average”. The CO, who later made Admiral, did not appreciate my quip, and I was summarily thrown out of the office. Cooler heads later prevailed, and I avoided Captain’s Mast. My career continued with global assignments with DoD, Headquarters, high profile leadership assignments, selection to Naval War College and eventually, the rank of Captain (0-6).
To this day, I wouldn’t change my decision. Yes, I disobeyed an order, but not our overarching tenet of being those who risk life to save life. That single instance was a leadership lesson I never forget, could have been career ending, but served me well into my corporate years and later at SEC when coaching new leaders. Always go with life safety first, and everything else good will follow.
The Business of Protection and Demonstrating Value
Insight From
Dan Sauvageau
A security leader’s first and most critical responsibility is to understand the business they’ve been entrusted to protect. You cannot safeguard what you don’t fully comprehend. That means grasping the company’s core operations, identifying its most valuable assets, and recognizing the internal and external risks that threaten them. Only with this foundation can a leader design a portfolio of effective security programs and services to mitigate, counter, and respond to those threats.
Once these “ingredients for success” are in place, the next step is just as vital: building strong, enduring relationships with business leaders. Security teams must consistently demonstrate—through real, tangible examples—how their work directly protects the firm’s assets. When business leaders trust and respect the security leader, their mission, and their team, they become powerful allies whose support pays dividends throughout the leader’s tenure.
Unfortunately, many business leaders still don’t truly understand what security does. When that understanding is absent, security leaders are forced into a defensive posture—constantly justifying their work, their budget, their staff, and sometimes even the existence of their function.
True success is achieved when every functional leader, from department heads to the CEO and Board members, understands and values the role of security. I saw this firsthand when a company I worked for announced a 6% enterprise-wide budget cut. For my department that would have meant a $3.2 million reduction—impacting programs, services, and personnel.
But because I had spent years educating leadership on how security materially safeguards people and assets, the company president asked to meet with me personally to review the proposed cuts. After a 30-minute discussion, he said, “I know what the folks in security do and how important their work is—you can’t make all those cuts.” Instead, he asked me to trim just $180,000 from travel and training—far less than the original target. Every other corporate service function was held to the full 6% cut. That moment was a major win.
Similar scenarios played out over the years. Time and again, when security’s budget, reputation, or mission was threatened with resource cuts or attacks by ill-informed newcomers to the organization, seasoned executives stepped up to defend the team—the ultimate protectors of the company’s most critical assets.
The Importance of Personal Connection to Influence and Engage
Insight From
George Campbell
Your team, regardless of how it may be organized and staffed, needs to know you care about them on both a personal and professional level. This this the cornerstone of building a TEAM. My first objective was to reach out at all levels and listen; to get feedback on how they saw their place in our organization and where they wanted to go in the future. Along the way we spent a lot of time working with HR and our functional managers on goal setting that emphasized cross-functional opportunities and team building. We hired with team vision. I specifically worked throughout my time as a CSO to be approachable, genuine and open to ideas on where we could improve our operations. Where we saw our colleagues failing on these positives, we counseled and monitored for improvement. We learned together that when you communicate and lead like this, individuals will trust and go the extra mile to deliver with loyalty, confidence and pride in results. Big positives found that this open and inclusive culture were that our people were invested in the team’s success, they were magnets for recruiting and retaining the best people.
Our management team still stays in touch after over two decades and a dozen of those who served have become top security executives in firms.
When that practice of a caring and trusted connection follow to our stakeholders we build bridges that create partnerships and enable business process protection. Trust is the fuel for engagement with our clients, especially with the business we are in. I got some very honest feedback early on from our key executive stakeholders that we were failing in connecting and trust. This set my priorities and internal/external communication strategy for the next two years. It paid off. Executives now came to us with their risk concerns and acted on our mutually developed security objectives.
As the business evolved on a global basis, we were at the table asking, “what if” and partnering for robust security infrastructure with stakeholder support. We built a partnership with HR and our internal controls colleagues that delivered a shared approach to enterprise resilience. I briefed top management on a regular basis on our programs and metrics in support of their business objectives. We were an active, connected part of the business.
It is said that strategy outlines the way forward and the connections deliver the results. Connecting on a trusted, personal level with our team members at all levels and stakeholders across the business facilitates our ability to influence and engage that delivers far more measurable and collaborative results.
Advanced Adversaries and Organized Crime Require Continually Improving Integrated Services
Insight From
Francis D’Addario
For us, in the 1970's and 80's our key to success was crime analysis. As early Holmes enthusiasts for Doyles' "Data, data, data, I cannot build bricks without clay" seemed foundational for investigative collaborators and teams. The Crime Prevention Through Environmental Design (CPTED) success at 7-Eleven (90% improvement in robbery homicides, etc.) was largely due to university research findings for contributory circumstances (e.g. excess cash, little or no security awareness/devices/processes) poor lighting and visibility, proximity to escape routes, and remote cash handling at the back of the store, etc.) Adapting public safety proven practices to the private sector operational opportunity was integral to reducing injuries, losses, and tracking multiple offenders for accountability. The Texas brand, once at risk for losing its workers compensation insurance in its home-state, became a respected global brand.
At Starbucks Coffee and elsewhere in the next millennium, we found that both experienced team members and rigorously trained newbies were capable of informing each other on the criminal nuances of who, what, when, how, and why? It turned out that even young apprentice investigators were formidable interviewers by phone or virtually, when in command of the facts and process; particularly, when equipped with exceptional sales or supply chain reporting data, and SCAN-analyzed written statements. Suspect statement writers' "first version of the truth" seldom held up to additional scrutiny. Ninety percent admission rates were not uncommon, even before systems were fully integrated and time synched. Starbucks Partner and Asset Protection became a valued business partner with annual after-cost contributions of $26 Million.
Why Security Starts with Understanding the Business
Insight From
Mark Kelly
My “ah-ha” moment as a security leader came when I realized that meaningful security work requires a deep understanding of how the business truly operates—from line-level realities to customer delivery expectations. Only then can security be framed not as a cost center, but as a driver of value, efficiency, and competitive advantage. When you can articulate and demonstrate business enablement through security measures, the C-suite listens in a very different way.
Two experiences cemented this for me. In one case, GPS tracking devices were originally deployed to safeguard high-value loads, but by leveraging the telematics data they produced, we improved on-time delivery predictions and gave warehouse teams visibility into inbound shipments—allowing them to reduce overtime and staff more efficiently. In another, AI-enhanced CCTV systems initially installed for loss prevention were adapted to detect slip-and-falls, track inventory movement, and flag unauthorized access. This not only reduced workers’ compensation claims but also accelerated incident response times. In both cases, tools designed for traditional security purposes were transformed into multipliers for cost savings, operational efficiency, and customer satisfaction. That shift—seeing security as a strategic enabler rather than a narrow function—is what changed everything for me.
Security Leadership Starts on the Front Lines
Insight From
Dean Correa
As Security practitioners, to serve the business best you and your team should learn how your company makes money and loses money. Talk to people in the field that you serve. Ask them about their challenges and what processes, tools, technologies would make their jobs safer. At Starbucks and Walmart, my team and I would work in the stores multiple times a year during peak periods. Some of our most impactful programs were born from those interactions. Create your Security mission statement by adding a sentence to your company’s existing mission statement that describes how your function supports your company.
In terms of leading people, ensure your team has input into the strategy and can explain it to others across the company in 1 minute or less. At Walmart, when my team and were asked our role in the company, we didn’t reply with our job title. Instead, our answer was “We help ensure product arrives to our stores safety and securely.” Our customers in the field immediately understood how we supported them, and then they would ask how we did that. Encourage your team to get a mentor and become a mentee. Enable them to get involved in external associations that will help them grow as leaders and security practitioners.
Adapt, Network, and Never Stop Learning
Insight From
Phil Hummel
When I started as a market operations manager with Starbucks in 1990, the company had just forty-two stores. I quickly realized there was no system to track shrinkage for coffee-based beverages, which made up over 70% of sales. Since milk is about 90% of the cost in each beverage, an internal accountant and I worked together to create a model for optimizing coffee and milk ingredient costs for coffee-based beverages. This allowed us to pinpoint where shrinkage was happening and develop strategies to address it. For example, we uncovered milk vendor theft exceeding $100,000 in one market. At the same time, we identified stores with high beverage ingredients shrinkage due to either poor production or theft and created plans for operation teams to tackle these problems, even though resources were limited. Overall, these efforts cut shrinkage by 1.5%. This model remains in place and adjusts for new products, demonstrating the value of developing an internal network.
As a restaurant operations professional, I realized the value of expanding my expertise when becoming a security professional. By connecting with leaders in the restaurant and non-restaurant security sectors, I gained access to experienced mentors who helped me solve unfamiliar problems and one even became my supervisor. Networking enriched my understanding and improved my effectiveness in protecting employees, assets, and the brand.
I identified this early on, and I acquired the CPP certification which enabled me to become an asset protection director at Starbucks, unlike others within the industry that I have observed whose failure to enhance their professional skills stagnated when they did not pursue ongoing development. Developing one’s skill set is now even more important for both career growth and survival within the industry.
Restaurant security accountability now covers much more, which was primarily theft and employee safety risks as it was three decades ago when I became a security professional. Six years ago, my last restaurant security management role expanded to include restaurant and corporate security, executive protection, insurance, overall employee safety, and leading risk mitigation efforts; my successor also managed food safety, which is increasingly common in the restaurant industry. As AI integrates non-security functions across multiple departments into security departments, embracing change, networking, and continuous skill development to remain effective in our roles.
Perfection Isn’t the Goal—Progress Is
Insight From
Kathleen “K2” Kotwica
Unlike most of my colleagues, I don’t have a security background. I was a research associate and after that I was a member of a web team. Both taught me the value of “versioning.” In my quest for perfection, be it a research report, a web page, or an article, I was reluctant to let it go to an audience. But with science and web development, there are iterations - nothing is or needs to be a “final” - it always evolves.
Once I grasped that idea and used it for my own good, it reduced my concern that something I created was not good enough. I can call it V.1 and it can go out with the reassuring feeling that I can always enhance it over time. I brought that idea with me when I started at the SEC - we version what we create. I have shared this idea with colleagues and they in turn have shared this idea from time to time with our clients.
Security Can Align Strategy and Support with the Right Story
Insight From
Liz Lancaster-Brisson
One of the biggest lessons I’ve learned is that security’s impact depends on its ability to tell a clear, consistent story about who it is and how it brings value to the business. Too often, programs jump straight into prescriptive messaging—activities, technologies, risks—without first establishing an internal brand value narrative. When that story is missing, leaders misunderstand the function, support stalls, and security is forced into a defensive posture.
The most effective security leaders use a strategic “storyboard” that translates complex work into tailored messages for different audiences—from executives to employees to internal customers. This story includes the program’s evolution, current and future priorities, capacity and resource realities, business value metrics, and emerging risks that matter to the enterprise.
When security leads with clarity instead of complexity, everything changes: sponsorship grows, cross-functional alignment improves, and the organization begins to see security as a business enabler rather than a cost center. In the end, security rarely fails because the work isn’t good—it fails when the story isn’t told in a way the business can understand.
The Road Ahead
The insights shared offer more than stories—they provide a roadmap for anyone seeking to lead with impact in the security field. These lessons learned reveal practical strategies you can apply today: building trust through authentic connections, understanding the business you protect, adapting to change, and embracing progress over perfection. This is wisdom earned through decades of experience—we hope it can provide some light on your path to success.
Our clients value the skills and experience we provide to help overcome their challenges.
Contact Us to discuss how we might assist you.
