Women in Security: Empowering the Future of Risk Leadership

Security leadership doesn’t look like it did ten years ago.

Today’s environments move faster, threats cross boundaries, and reputational damage can spread before an incident report is even written. The job is no longer defined by presence alone. It’s defined by judgment, coordination, and prevention; often across people risk, operational risk, and cyber-physical threats.

To celebrate Women’s History Month, we’re spotlighting a few of the leaders helping shape that reality inside Chesley Brown. The insights below come directly from Chesley Brown leaders across different roles and regions. What connects them isn’t a title, it’s a shared definition of what great security leadership looks like now: proactive, human-aware, and built on trust.

The most underestimated risk is still human behavior

It’s easy to think about risk in terms of systems: cameras, access control, dashboards, automation, cybersecurity tools.

But some of the most damaging incidents start with people—habits, shortcuts, missed fundamentals, or deliberate manipulation.

As Managing Director Alyssa Griffin puts it, leaders often underestimate:

“Human caused cyber-attacks, vulnerabilities created not by technology but by people. Over trusting automation, neglecting basic security habits, and falling for manipulation tactics such as social engineering.”

That’s an important reminder: the presence of technology can create a false sense of security. Automation can assist good judgment, but it can’t replace it. And no tool can compensate for a culture that overlooks basic security behavior.

A strong program doesn’t just deploy systems. It strengthens fundamentals: consistency, reinforcement, and awareness, especially around social engineering, which targets the human layer of every organization.

What mature security programs do differently

Most organizations can respond to incidents when forced. The bigger question is whether they reduce the odds of incidents in the first place, and whether response is stable under pressure.

Ms. Griffin draws a clear line between reactive security and mature risk leadership:

“A mature security program operates proactively, using clarity, consistency, and disciplined processes to anticipate threats rather than respond to them. Instead of scrambling when something breaks, it builds repeatable practices, strong visibility, and a culture of preparedness that reduces both risk and chaos.”

That phrase: reduces chaos, matters to leadership teams.

Executives don’t just want incident response. They want operational reliability: fewer disruptions, fewer surprises, less reputational whiplash, and fewer moments where everyone is improvising at the same time. Mature programs don’t depend on heroics. They depend on repeatable, disciplined practices that hold up when stress hits.

The trait that matters most in high-stakes moments

When situations escalate, leaders aren’t measured by how loudly they react. They’re measured by how steady they stay.

Ms. Griffin names the trait that keeps teams aligned when information is incomplete:

“The most critical trait in high-stakes moments is composure. When pressure is high and information is incomplete, the leader who stays steady can think clearly, filter signal from noise, and make grounded decisions that keep the team aligned and focused.”

Composure is not passivity. It’s control.

It keeps teams from chasing rumors. It prevents overreaction. It makes room for verification. And it helps leaders communicate clearly, especially to stakeholders who need direction more than they need drama.

In modern risk environments, composure is a force multiplier.

Trust is earned faster when security behaves like a partner

Security leaders often step into environments where trust is not automatic. Sometimes there’s skepticism based on past experiences. Sometimes there’s tension across departments. Sometimes priorities compete.

Regional Managing Director Nicole Harris describes her approach:

“Earning trust is not about proving myself, it’s about creating a foundation of partnership, accountability, and mutual respect that allows for success across the board.”

That’s the difference between security that creates friction, and security that creates alignment.

Ms. Harris also identifies the skill that makes operational expertise usable:

“Communication is the most important skill for modern security leaders because it’s what turns both operational expertise and strategy into real alignment and trust. Without it, even the best plans and instincts fail to connect.”

This is one of the most underappreciated truths in corporate protection: execution depends on buy-in. And buy-in depends on communication that is clear, direct, and consistent across stakeholders.

Ms. Harris’s leadership philosophy is simple and practical:

“Be firm but fair. Approach the situation as you would an investigation, gather input collaboratively, make a clear decision, and explain the reasoning, so everyone stays aligned even when the outcome is definitive.”

That’s what professional risk leadership looks like: listen, assess, decide, explain.

AI is changing accountability, not removing it

New risks aren’t only human, they’re increasingly automated.

Ms. Harris points to a modern reality many organizations are still catching up to:

“AI is woven into everyday workflows, which means leaders are suddenly accountable for decisions made by systems they may not fully understand… we’re also navigating autonomous actions and outcomes that require a completely different level of oversight, judgment, and readiness.”

This is where security and leadership converge.

Organizations don’t get to outsource accountability to a tool. Security leaders need enough fluency to ask the right questions about AI-driven workflows, evaluate how decisions are made, and define what escalation looks like when systems behave unexpectedly.

In practice, that means governance. It means having clarity around what AI touches, how outcomes are validated, and who owns the decisions when automation is involved.

Leadership pipelines are built through opportunity and sponsorship

The security industry talks about leadership development constantly. But development isn’t only training. It’s access. Ms. Griffin names one barrier women still run into in security:

“Exclusion from the informal networks and credibility shortcuts that often accelerate careers for men… Women often have to prove themselves repeatedly while navigating environments that weren’t built with them in mind.”

Ms. Harris describes a similar challenge: narrow assumptions about what a security leader “should” look like, and what changes the outcome:

“Women in security still face cultural barriers… because there’s still a narrow stereotype of what a ‘security leader’ is supposed to look like. The way forward is intentional: increasing visibility, empowering women with meaningful opportunities, and positioning them for success in the moments that matter most.”

On the other side of that equation is what helps people rise. Director Olivia Jackson describes sponsorship in a way that every leadership team should pay attention to:

“Sponsorship has been especially meaningful. Having leaders advocate for me in conversations I was not present for and intentionally bringing me into rooms I may not have otherwise been in, created opportunities for visibility and growth.”

That’s the difference between good intentions and real outcomes. A pipeline grows when emerging leaders get:

• meaningful responsibility,
• clear feedback,
• and advocacy that creates visibility.

Ms. Jackson’s recommendation is direct:

“Development is not only about formal training. It is about access, advocacy, and being surrounded by people who want to see you succeed.”

The security profession is evolving, and the work is more human than ever

One theme that came through strongly from emerging leaders is that security is increasingly defined by professionalism, de-escalation, and relationships, not aggression.

Ms. Graça put it plainly:

“I like that the security industry is shifting its focus towards ‘how can I help?’ de-escalation strategies and moving away from more aggressive tactics… Chesley Brown is working towards changing the stereotypes surrounding security officer presence.”

She also offered a key leadership lesson that applies well beyond the frontline:

“Clear and direct communication is very important. Being overly agreeable or overly nice usually does more harm than good.”

That’s not toughness. That’s clarity. And clarity is what prevents misunderstandings from becoming incidents.

Ms. Jackson echoed how relationship-driven the work really is:

“From the outside, security can seem focused mainly on enforcement. In reality, much of the role centers on communication, professionalism, and building trust.”

That’s modern corporate protection: not just responding to problems but shaping an environment where fewer problems happen in the first place.

In Conclusion

Women’s History Month is an opportunity to recognize leaders who are already shaping the future of this profession. But recognition is only part of the point.

The bigger point is to build and invest in systems that create more leaders by design, not by accident.

If you’re an executive, an HR leader, or a security leader working to strengthen your organization’s risk posture this year, focus on a few practical moves:

• Reward composure and clarity, not just urgency
• Treat communication as a core security competency
• Build repeatable practices that reduce chaos under pressure
• Create real opportunities for emerging leaders to lead
• Sponsor talent intentionally, especially outside informal networks

Modern risk leadership is built on trust, preparedness, and steady decision-making. The women featured here are doing that work every day, quietly raising the standard for what security leadership looks like.