Leadership Solutions


Are You Fairly Compensated?

The results from this 2012 Security Barometer show an even split on the opinions of the 80+ security practitioners polled. Half of the respondents felt they were fairly compensated and half didn't. Compare this to the results from this same question asked in 2010 where only 25% felt fairly compensated.

Why We Are Not Fairly Compensated?

The most common reasons given for not being fairly compensated revolves around the ability to communicate the value security brings to the organization. According to practitioners' responses, educating business executives to view security as a business function that adds value beyond meeting direct legislative or regulatory requirements is a very difficult task.

For a few organizations, cost cutting is being held responsible for low compensation. However the effect of the slow economy on compensation appears to be easing. A surprising number of respondents reported that other business functions in their organization are seeing increases in compensation while it is the security function that is being left behind. Even among this group the common theme is that the insufficient compensation is tied to the inability to communicate why security is necessary for efficient revenue generation.

Why We Are Fairly Compensated?

The reasons given by those practitioners who feel they are fairly compensated were clear. This group was able to sell the security team (or their own skills) as a positive to the bottom line. Organizations that recognize the value of security in meeting their revenue goals demonstrate this in their concern for the development and well being of their security employees. Consequently, their employees end up feeling fairly compensated.

2012 Security Barometer Results:

How Can The Situation Be Improved:

At all levels and functions, compensation is related to the ability to demonstrate the value being brought to the organization. The Council has spent years gathering information from current and former risk managers and about what works and what doesn't when it comes to communicating value. This knowledge has been successful in helping risk managers demonstrate value resulting in everything from position preservation during executive management shake-ups to promotions and increased awareness / funding for programs.

Here are a few take-aways from the Council regarding communicating the value the security function brings to your organization:
  • A singular method of communication will not work with all people. Just as some people react to facts and figures while others attune to personality and emotion, each organization has their own corporate culture and the messaging must change to match the audience.
  • The use of fear, uncertainty and doubt is not an effective of method of communicating value. Any gains using this method will be temporary and frequently backfire.
  • Remember that there are many ways to influence revenue. Increasing revenue is not always accomplished through product design or additional sales personnel. Organizations can increase sales by creating more efficient processes. For this example look at how your security program increases supply chain effectiveness, quality assurance, or preserves revenue through theft and fraud prevention.
  • Some organizations have a strong customer focus. For these organizations elements like safety, quality of goods and services, or even business resilience can be used as selling points to customers. In these situations your sales reps may be able to leverage your security program to their advantage when selling to customers.
  • Employee well being is considered critical to most, if not all, organizations. Demonstrating how security provides comfortable and safe operating environments can lead to making the connection with revenue that business executives demand. Don't forget the role that community involvement can play; public-private partnerships can increase employee security as well as brand awareness.
  • Social media has reinforced the lesson that your customers can be your best allies in communicating your value proposition to others. Consider performing an internal customer value analysis to identify who values your services and how to maximize your value to the organization.

2010 Security Barometer Results:

The latest results are an interesting contrast to what was gathered from this same question in 2010. The difference in results tends to indicate that either compensation for some is improving or that practitioners are coming to grips with slow economic growth.

Next Steps:

We operate in an environment where nothing bad happening is a good thing. Unfortunately "nothing happening" is not such a good thing when it comes to executive awareness of the security function and resultant compensation.

To optimize your program and its ability to demonstrate business value seek the people who have extensive successful experience at value communication with executives and board members. Contact the Security Executive Council at contact@secleader.com. There is no obligation and nothing lost in discussing your particular situation with the Council.