Global Management: How Security is Changing in Western Europe
Security management is truly a global profession. Every region of the world has threats that need mitigation; every organization has people and assets that need protection. But the practice of the profession is also influenced by local conditions—culture, business practices, economic conditions, and type and severity of threats—that differ from region to region.
With that in mind, this ongoing Global Management series from Security Management highlights security managers from different regions of the world to learn about the challenges they face and the management strategies that help them succeed.
In this installment, we turn to Europe. The countries in this tightly packed region each bear their own unique cultural hallmarks and security challenges, however, making managing across borders and with multicultural teams an ongoing and ever-shifting task that requires cultural intelligence and adaptability.
These conversations have been edited for length and clarity.
Bruno Kalhoj is the former head of the security and safety division at the European Central Bank, based in Frankfurt, Germany. In this role, he managed 59 internal security team members and more than 200 external security personnel, including technicians and security guards. His career began as an officer in the Danish Air Force before transitioning into the private sector in 2007. Throughout his career, Kalhoj has worked as the head of security and crisis management at Maersk Oil, head of security at global fashion retailer Bestseller, a regional security advisor in the Middle East for the Danish Ministry of Foreign Affairs, and an unarmed military observer for the United Nations.
You have experienced multiple transitions, both between public and private sectors and from consulting to management roles. How have you found your leadership style evolving through those shifts?
I think the first one was the most difficult. I had been in the military for 18 years, but the private sector is quite different—especially my first company because it was full throttle all the time. You didn’t spend much time on planning. For example, they wouldn’t do budgets because budgets were just a waste of time. If you only use the money you need to, why make a budget?
I had a conversation with the CEO one day and I said, “I think we have to take care that we don’t get it wrong.” He said, “No, I think we have to take care that we don’t get it done.” That was the attitude of the company, that we simply just need to go out and do it. For someone who came from the military where you check and double-check and plan everything, that was a bit difficult.
I think it was very much about trying to understand the culture of the business; you can only add value when you understand the business.
In terms of regional differences, how do you feel leadership and management is different in Europe, in Denmark, and in Germany where you operate now?
Denmark and Germany have a common border, but there’s a huge difference between them. Danish leadership is very consensus-driven. In Germany, they still look at the leader to make all the decisions. That was also why I think the transition at European Central Bank took quite a while because they were not used to being empowered. To actually empower them to be their own bosses—when they’re in their own area of responsibility—definitely took some time.
Scandinavia is very consensus-driven, very open, very empowering. If you go to certain parts of southern Europe, you are right based on the fact that you are the boss. No matter how wrong you are, you’re right. Then when you go to the former East Bloc, again, it’s very different. Sometimes employees lack initiative because initiative was never supported before.
You would find big, big differences within even countries that are close to each other. There’s a big difference between leading someone from Spain and someone from Portugal. It is also different from Romania to Bulgaria—many Bulgarian women are super, super cool leaders, but the same couldn’t be said for Romania.
You really have to employ that cultural intelligence. Sometimes you simply tend to forget that there’s much of a difference. So, whenever I did something wrong, I would praise my people for telling me. I remember one of my executive protection agents from Sweden—we had a conversation about his future, and he was in his late 50s, so I’m wondering what his plan is for the rest of his career. At some point, I said, “When are we getting rid of you?” or something like that. He definitely didn’t like that way of saying it. If it would have been to a Dane, he would understand I’m just jokingly asking “What is your next step?” But he didn’t. The good thing was that he came back—unfortunately, one and a half months later—to say he didn’t like it. Then I could reflect and say, “I’m so sorry that I wasn’t aware.”
If I were a security manager being transferred to an office in Frankfurt, what advice would you have for me on avoiding some of those cultural missteps?
I would take some courses on cultural intelligence, simply to be more aware of it. It’s a bit like unconscious bias. It’s something that you can train for, to have it in the back of your head that there are huge cultural differences. I think it is too easy just to say that, “Well, I’ll be careful and try to figure it out.” I would really say do deliberate training in cultural intelligence.
Do you find the role of a security leader is changing in Europe?
I wish I could say yes. I think it might become more recognized in organizations where you were lucky enough to have a good security manager because a good security manager understands that you need to add value to the company. But it’s not always the norm.
However, there is a new generation of very smart, young people, female and male, who really understand that security is about having business understanding and then security knowledge. Because no one ever added value to a company because they know a lot about CCTVs, guards, doors, or anything like that. It’s only when they take all that information and use it in a business setting, then they can add value.
For example, in our main building, we have about 700,000 security sensors, and they always have been seen only as securit sensors or alarms. We must be able to get better use out of that. So, we used our sensors and badges to make a heat map of our staff. Where is the staff? At what times? In what buildings? How many? Based on those heat maps, we started looking at the guard force in all of those places and we were able to either cut a full position, merge two positions, or merge two different functionalities. We were able to save €1.1 million ($1.3 million) for a year in three buildings. That’s massive. That has nothing to do with security—it has something to do with how to use data, how to digitalize, and how to use that in a smart way.
Have the challenges of 2020—from the COVID-19 pandemic to remote work—changed your leadership style?
It’s clear that you need to be able to lead from a distance. You don’t see people anymore, and I’m a people person. I thrive on coming to the office and seeing and talking to my people. Every morning when I got to my office, I would walk the corridor and say good morning to everyone coming in. I would always have an open-door policy so everyone would just be popping in whenever they felt like or we’d go have a cup of coffee. You cannot do that anymore.
As a leader, you have to be very conscious about making sure that your people are doing well because you don’t see it and feel it in the same way when you’re remote. Sometimes when you’re in the office and you see one of your guys coming in and he looks tired today, you go over and say, “What is it? Are you having a bad time?” You don’t see that much via WebEx. You have to be much more concerned about finding ways to reach out to people, and you should also make sure that your section heads and your team leaders do that a lot more.
While you may not be able to pick up on those clues on in-person anymore, at least that you hope that some of your team leaders can pick up on them. Then they could tell me, so I have the chance to connect with the employee directly.
James Morris, CPP, is the head of security services for the Europe, Middle East, and Africa division of Aon Business Services, based out of London, England. Half of Morris’s role is internal-facing, supporting the physical security of Aon’s property and information, and half of his role is external—serving as a security consultant and subject matter expert for Aon clients.
Previously, Morris served as a reserve soldier in the British Army and in private security contracts in the Middle East before spending six years as a security leader in the gold mining industry in West Africa before returning to the UK with a wide range of cultural and professional leadership experience.
What about your life experience, personality, or background helps to make you an effective security leader?
At university, I was studying aerospace engineering. I think I have an engineering brain. I enjoy looking at a problem and looking at different ways to solve a problem. I like details, I like getting information, I like understanding why something is happening, why something works the way it does, and I’m looking at different ways to go around it.
I also joined the Intelligence Corps when I was a reserve soldier, so again, my early role in the industry was as an intelligence analyst. I’m a firm believer in the value of a strong intelligence program to support a security program. I think that can sometimes be the difference between a good program and a very good security program—it is what you’re focused on. Sometimes I think we get too lost in what’s happening today and miss the bigger challenges that are coming over the horizon.
Looking at some of those security challenges, both the current ones and ones coming over the horizon, what are a few that you’re seeing in your role and in your region?
Crime is an issue for us,as well as fraud, insider threat, unrest, and political unrest. Also, the threat of terrorism is always there.
As a global organization, we are constantly striking a balance between assuring the duty of care of our employees, but also ensuring the business is able to go ahead.
I think one of the biggest things that we are also trying to consider at the moment, as a financial institution working in the City of London, is that we have a high degree of government oversight, which creates interesting challenges in and of itself. There’s huge concern around privacy and data privacy.
Obviously, there has been lots of focus on GDPR in the last few years. But ultimately, the push to having more people working remotely and people working from home, and this shift that we are seeing and I think we'll see for the foreseeable future, that’s a big concern of ours.
Also, climate change is certainly, I think, the big threat on the horizon. There are a lot of parallels between the potential impacts of climate change and what we’ve seen in the last year from COVID. Smart organizations will look at what’s happened with COVID and realize that there are huge benefits, obviously, from being global organizations and having large global footprints, but ultimately, that creates a much bigger chain of weakness. Ultimately, if you have one link in your chain that is broken, then that can really impact the wider business.
Given the reach of what you’re watching every day, how do you balance domestic threats and threats that are challenges within the UK versus the global risks?
I think a good security program is often about having the program in place thatis capable of handling the normal, and then having triggers in place that inform you when you hit outliers. If you don’t have a program built on strong fundamentals and you’re shifting constantly to deal with evolving threats or, frankly, to capture opportunities as they come up as well, then I think that’s unsustainable.
If you really want to be a security department that is valuable to the business, then be a security department that is gathering information and putting intelligence into the hands of the stakeholders who need it—intelligence that allowed them to make decisions to capture those opportunities when they come up.
I mentioned climate change. I still think we’re in a position right now where companies that act early are going to give themselves competitive advantages. As climate change develops and it impacts more and more people on a daily basis, companies that acted early have made themselves resilient—but they also have put themselves in a position to capture opportunities. Those are going to be in the companies that thrive.
How do you build and manage a security team that can do this?
Your team should be a jigsaw puzzle. I think a team where everyone looks the same, talks the same, thinks the same, has the same background in this type of approach is never really going to be an effective team. Sometimes one of the hardest things in building a team is looking at yourself and understanding your own weaknesses and understanding where you need to add complementary pieces.
I think in the past, as an industry, hiring managers looked at what they bring to the table and had decided they want somebody who’s a lot like they are. That’s not rebuilding a team. That’s just replication.
Do you feel like the leadership style in the UK is reflective of styles across Europe?
Thething about Europe is it’s made up of so many different countries that there’s so much variety. The UK is a bit of a bridge between North America and Europe, and we’re probably a little bit more like the United States than we are mainland Europe in a lot of respects.
I’m from the UK. I was born in the UK. I just spent 12 years living and working overseas, between the Middle East and Africa. When I moved back, I was quite surprised, working in an office environment in London, at the culture and the mind-set, because in a lot of respects, the culture in London is still quite old school—it's quite hierarchical. You’ll still have people go into an office five days a week, they’ll be in their suit and tie, and everything looks very similar—people look the same, they act the same, they talk the same. You have a boss, and you treat your boss a certain way.
I spent six years working in West Africa, where there’s much more of a culture where you walk into a meeting and you spend time talking to people and asking them how they are and how their families are. Meetings start late and they finish late because you’re spending more time talking. Whereas you walk into a meeting in London, people are five minutes early, you’re straight down to business, and it’s quite impersonal.
I think, however, driven by younger generations and different needs, but also different cultures, different mind-sets, different companies, and different approaches, the UK is starting to change.
If I were a security manager being transferred to an international firm’s London office, what sort of advice would you give me about leadership styles or cultural issues that could affect employee relations?
One of the things that I personally found quite interesting when I first moved back to London, and I found this to my detriment and to the detriment of my waistline, is that people in London like to drink. What I mean by that is, when I first came back, I started working for AIG, and probably a couple of times a week, the team after work would go out and have a beer or a beer or two. I initially thought,“Okay, this is a team going out and having a beer.” What I actually realized is that for good teams in the UK, it’s not just about people that you work with, it’s about building a relationship.
We would go for a beer, but then, beers after work became a barbeque on the weekend, or it became online video game playing or watching the hockey playoffs together. It’s not just about work. It’s about how you spend so much time with these people, talking with these people, that it isn’t just about what happens between 9:00 a.m. and 5:00 p.m. You have a bigger relationship with the team.
My current team in Aon, we used to go out to dinner at least every month. It became more than just what was happening in the office, and I think the team is better as a result of that.
Yes, we do still have that slightly hierarchal element sometimes. That is something that can be a bit of a shock to the system. London is a bit of a funny one. It can be quite old school, but these little spatterings of youth and slightly more innovation that’s coming to it as well.
Claire Meyer is managing editor for Security Management. Connect with her on LinkedIn or via email at [email protected].