How to Thrive Under Pressure as a Solo Security Director

At GSX 2025, security strategist Ken Carrasco offered actionable models to help solo security directors focus priorities and align with organizational goals.
Oct. 15, 2025
3 min read

Key Highlights

  • Use structured models like SWOT, the Eisenhower Matrix and VSEM to balance strategy and daily operations.

  • Communicate in business language, not security jargon, to build trust and influence across departments.

  • Focus on enabling the business through collaboration, transparency and clear priorities.

SecurityInfoWatch
Ken Carrasco speaks at GSX 2025 in New Orleans, sharing practical frameworks to help solo security leaders align strategy, execution, and communication within their organizations.

Ken Carrasco speaks at GSX 2025 in New Orleans, sharing practical frameworks to help solo security leaders align strategy, execution, and communication within their organizations.

Being a “department of one” doesn’t mean going it alone. During his GSX 2025 session “An Army of One: Thriving as a (Solo) Director of Safety & Security,” security strategist Ken Carrasco shared a set of structured models and leadership habits to help professionals strengthen their impact when managing safety and security operations singlehandedly.

Carrasco began with a personal story illustrating how fear of judgment once limited his confidence when engaging executives. His takeaway: security leaders must shed hesitation and embrace vulnerability to communicate more effectively. “You must overcome that fear,” he said, “otherwise everything that follows doesn’t matter.”

Start with clarity and structure

Carrasco emphasized the value of assessment frameworks during the first 90 days in a new role. His approach begins by categorizing all observations into three domains — people, process and technology — before applying a traditional SWOT analysis to separate internal and external factors.

He then measures operational maturity against a four-step ladder: ignorance, negligence, compliance and operational excellence. The exercise, he said, helps identify the biggest gaps and opportunities early.

“I use this framework, especially when I'm unfamiliar with the vertical that I'm working in,” he said. “The idea is to begin to figure out what needs to be addressed first.”

Prioritize what matters most

Time management and resource prioritization, Carrasco explained, require discipline and self-awareness. Using the Eisenhower Matrix popularized by Stephen Covey, he urged attendees to spend the majority of their time in Quadrant 2: important but not urgent work that advances long-term goals.

“Time management tools aren’t for doing more in the same amount of time,” he said. “They’re for ensuring you do the most important things first.”

His daily strategy framework blends prevention, early intervention and response, allowing leaders to balance proactive and reactive duties. For security practitioners, this translates to combining skills and drills, data-informed decisions and accountability across teams.

SecurityInfoWatch
A slide from Carrasco’s GSX 2025 presentation illustrates the VSEM model — Vision, Strategy, Execution and Metrics — drawn from 'The Collaboration Imperative' by former Cisco executive Ron Ricci, used to align security objectives with broader business priorities.

A slide from Carrasco’s GSX 2025 presentation illustrates the VSEM model — Vision, Strategy, Execution and Metrics — drawn from "The Collaboration Imperative" by former Cisco executive Ron Ricci, used to align security objectives with broader business priorities.

Align with the bigger picture

To sustain progress, Carrasco advocated for the VSEM model — Vision, Strategy, Execution and Metrics — introduced in “The Collaboration Imperative” by former Cisco Systems executive Ron Ricci. The model creates a shared vocabulary between security and business leadership by linking corporate vision to measurable objectives. He noted that ambiguity is “the enemy of alignment, collaboration, and influence.” Eliminating it requires clear metrics, defined responsibilities, and transparent communication.

Carrasco compared security strategy to designing a maze, guiding people safely to their goals rather than blocking their way. “Your job isn’t to hinder the business by enforcing policy,” he said. “It’s to enable business to happen.”

Communicate, collaborate and build trust

Carrasco closed with practical communication advice for security leaders operating in business environments that may not fully understand their discipline. He recommended adopting corporate language instead of security jargon, distinguishing collaboration from teamwork and practicing transparency to build trust. Collaboration, he explained, is about aligning outcomes between groups with different interests, requiring empathy and diplomacy.

Ultimately, Carrasco reminded attendees that models are tools, not ends in themselves. The key, he said, is to use them consistently and connect with peers.

“Everything works — just not for everybody, and not all the time,” he said. “Your greatest resource will be your network of other security professionals and mentors.”

About the Author

Rodney Bosch
Email

Rodney Bosch

Editor-in-Chief/SecurityInfoWatch.com

Rodney Bosch is the Editor-in-Chief of SecurityInfoWatch.com. He has covered the security industry since 2006 for multiple major security publications. Reach him at [email protected].

Sign up for our eNewsletters
Get the latest news and updates

Related

Scope, Sophistication and Speed: Gen. Paul Nakasone Charts the Future of Security at GSX 2025
Risk Assessment Methods and Mitigation Strategies for Physical Security
Say Goodbye to Paper: The All-in-One Solution for System Integrators
Sponsored
The End of Guesswork: Perfect Camera Placement, Every Time
Sponsored

Voice Your Opinion!

To join the conversation, and become an exclusive member of Security Info Watch, create an account today!