Key Strategies for Successful Security Meetings

I had the opportunity to talk with Burns Engineering’s security practice leader, René Rieder Jr., about his wealth of experience meeting with C-suite-level executives to discuss security strategies. During our discussion, he shared excellent insights on how executives can best reach security success by adopting key best practices and avoiding common pitfalls.

CURTIS MARQUARDT JR.:
Let’s talk about what C-suite and other leaders need to do during security meetings to be successful. First, let’s start with the bad. What are the most common missteps or unproductive strategies you have seen from leadership?

RENÉ RIEDER:
One of the most frequent oversights I see is when leadership treats security as a formality—something to be “bolted on” after core business decisions have already been made. Whether it involves new facilities, technology deployments or organizational changes, incorporating security too late in the process often results in costly retrofits that cause operational friction or leave gaps in protection. When leaders perceive security as merely a compliance exercise rather than a strategic function, its full value remains untapped.

Another misstep is prioritizing cost over consequences. While it’s understandable that executives are under pressure to manage budgets, security decisions driven solely by line-item pricing frequently result in poorly deployed solutions. The discussion then revolves around minimizing costs rather than identifying the most effective or scalable solutions for the organization’s needs.

A third prevalent issue is overreliance on fear or anecdotal incidents to justify or dismiss security programs. Although narratives can be informative, relying too heavily on a single dramatic event—or a prolonged history without incident—can lead to either overengineering or neglecting security measures. Effective security planning thrives on balanced approaches, where decisions are based on realistic threat assessments, business context and future growth considerations.

CURTIS MARQUARDT JR.:
There are times when people who do have meetings with leaders come in with tremendous ideas and plans but may have difficulty communicating them effectively. What do great leaders do in these situations to help get those ideas out?

RENÉ RIEDER:
One of the most impactful actions a leader can take is to ask insightful questions. Rather than quickly moving through discussions and PowerPoint slides, I like to pause and ask clarifying, open-ended questions such as: “What problem are we addressing here?” or “Could you elaborate on the business implications of this security design approach?” These questions prompt discussion rather than deliver conclusions.

Another effective strategy I’ve used is real-time question translation. Executives often serve as intermediaries between technical specifics and business objectives. If a concept is sound but poorly communicated, reframe the question by paraphrasing the message and seeking confirmation. For example: “So, your concern is whether this solution will reduce our response time and enhance continuity during an outage?” Rephrasing comments into questions opens the door for deeper exploration and keeps the executive audience engaged. This collaborative clarification fosters trust and improves communication.

Leaders who foster a culture of trust and psychological safety create environments where individuals feel comfortable sharing ideas, admitting mistakes and discussing sensitive topics like system vulnerabilities. While this may not happen in the first meeting, consistently supporting ideas and remaining curious when questions are asked will pave the way to deeper insights and more effective solutions.

CURTIS MARQUARDT JR.:
Looking back at your experience in meetings with executives, what are the questions leaders should be asking that they often don’t?

RENÉ RIEDER:
One missed opportunity I often observe is the failure to ask, “What does this security investment enable beyond risk reduction?” Security is typically framed as an expense or insurance policy, but it can also serve as a business enabler. A well-designed solution could accelerate recovery time after an incident, enhance brand trust or improve employee and customer experience. Framing the investment in terms of total value—not just cost—will initiate more strategic conversations.

Another important question rarely asked is: “How will this security solution scale or adapt over time?” Many security programs are created to address previous issues or the “challenge of the day.” Effective leaders encourage their teams to consider flexibility, longevity and how the system can evolve with business operations, regulatory landscapes or digital transformation strategies. This future-focused approach helps avoid major overhauls when business needs change.

Another valuable, yet underasked, question is: “How will we know this is working?” Security outcomes can be difficult to measure, but strong leaders seek meaningful performance indicators. Whether it’s response times, incident trends, audit results or user compliance rates, a focus on accountability transforms security from a static expense into a managed performance area.

Leaders who consider these broader, strategic questions obtain more benefits from their security programs—not only in protection but also in business alignment, resilience and long-term value creation.

CURTIS MARQUARDT JR.:
What traits do the best C-suite leaders you’ve worked with have?

RENÉ RIEDER:
Regardless of industry or organization size, the most effective C-suite leaders I’ve worked with share five key traits that consistently contribute to stronger security outcomes and enhanced organizational resilience:

• They lead with curiosity rather than assumptions.
• They prioritize clarity over theatrics.
• They promote collaboration across departmental boundaries.
• They adopt a long-term perspective.
• They cultivate a culture of accountability.

The finest leaders I’ve had the privilege of working with in my career don’t simply approve security measures—they actively shape them. They view security not as an impediment, but as a lever for enhancing resilience, trust and strategic advantage.

About René Rieder Jr.:

René Rieder Jr., PSP, CPP, CSC, is the security practice leader for Burns Engineering, with more than 25 years of experience designing security solutions. His expertise spans vulnerability assessments, security master planning and the design of access control, video surveillance and risk mitigation systems. Known for his innovative yet practical approach, Rieder helps clients navigate operational, financial and regulatory challenges while enhancing their security posture.