News
My Security Journey: Karen Frank, Managing Director and Head of Firm Security Services, KPMG
Karen Frank’s path to her current role as Managing Director and Head of Firm Security Services at KPMG is lined with nearly 25 years of opportunities, pivots, advice and wisdom of mentors and an unflagging passion to serve others.
She’s built an international reputation as a trusted security leader—Karen joined The Security Foundation’s Board of Directors on January 1, 2024—for her executive leadership experience in enterprise security, risk management, justice administration, law enforcement and global IT infrastructure and service delivery. Karen serves on multiple professional and community service boards, including the global board of ASIS International and is a Council member for the Overseas Security Advisory Council, a Certified Protection Professional (CPP) and Certified Information Security Manager (CISM).
TSF spoke with Karen about her insights and reflections on her journey and the threads that connect every intentional step.
My early professional interest was in healthcare. I came from a family of healthcare professionals and spent high school summers working in a local hospital. I pivoted early in my college education to an interest in the legal system. [Karen has a B.S. in Law Enforcement and Justice Administration from Western Illinois University and M.B.A. from Illinois State University.] It was a summer internship at the Tazewell County Courthouse that exposed me to the criminal justice system and ultimately law enforcement.
I was drawn to a similar sense of service across healthcare and the legal system. The criminal justice system starts with law enforcement out in the field every day, supporting the general wellness of the community and protecting rights much akin to healthcare workers providing empathetic care to patients. It wasn’t the gender-specific exposure to the limited women locally in law enforcement that afforded me the greatest learning. Rather, it was by observing the collective empathetic and tireless servant leadership of the law enforcement, judges, prosecutors, child advocates and private attorneys, that I soon realized law school was not where I wanted to be. Law enforcement was the next step.
After only a handful of years in law enforcement, a senior member of the local sheriff’s office team asked me what I was going to do with the rest of my life. I said, “Do you want me to leave?” He said, “No, but you can’t do this position you’re in forever. What’s next?” He told me of an opportunity at a private corporation. My defensive and uninformed response was, “I don’t want to be a security guard.” He went on to explain the world of corporate security where another colleague had recently transitioned. Had he not taken that moment to share, my future would be entirely different. I went to a job interview without expectations and, years later, learned I only got the role after their first choice turned down the offer. Joining the private sector as a business investigator was an excellent transitional opportunity for a law enforcement professional. I was able to utilize my skills in understanding rules of evidence, interview techniques and that same sense of empathy applied when dealing with employees.
The ability to pivot depends upon the organization and a person’s desire to be open to change and diversity in experiences. Six months into the private sector, the company’s chief security officer changed. To this day, he remains one of my greatest sponsors and mentors, but in that first meeting I vividly recall the feeling that I was never going to survive the new strategy and organizational change. I was moved into a strategic project management role and encouraged to get an MBA if I wanted to keep progressing in the private sector. In security, there is opportunity to retool, upskill and continue to grow.
Private sector security is about risk management for diverse audiences. Strive to provide information to business decision-makers before they even know they need the information while recognizing the business risk tolerance and affordability for security varies from one company to another. The ability to understand what’s critically important and presenting information in terms that diverse audiences at varying levels of an organization can readily understand is differentiating no matter the security role.
I don’t think of being a woman in security as a gender challenge but a broader diversity challenge. It’s about understanding where each of us is coming from in that we all bring our whole self to the workplace. A traditional security expert and a cybersecurity expert can look at the exact same business issue from different lenses and experiences. When you bring those different views together, you get the richest outcome. Diversity in background, gender, cultures and a myriad of other facets are found in the most trusted and high-functioning security teams. I don’t think it’s exclusively tied to gender but rather that everyone on that team is rallied around a common mission as diverse servant leaders.
I try to be the sponsor, advocate and ally at every level as others were for me. The future is not the person sitting in the leadership chair today. It starts with the person that’s readying their career to be in that leadership chair tomorrow or years from now. I hold roles today because one time, along the way, there was a security industry recruiter who gave me the tough love feedback that I was not yet ready for my next move and she shared why. Another time, there was an executive who is now a CIO in a Fortune 100 company who welcomed me onto her leadership team in an IT organization I knew nothing about. It became my greatest leadership learning opportunity in trust and empowerment of teams.
The most important thing now is that we all walk the talk that we’re saying about diversity, equity and inclusion. Paying it forward is critical to the future success of the security industry overall. Give that half hour to have a conversation with transitioning military or law enforcement to be an ear on their journey. People giving me such time were those pivotal moments that changed my career. Accept the informational interviews with early-career professionals. Get comfortable being uncomfortable and share constructive feedback directly with people so they can learn and grow. Be intentional about development so people are prepared to have an actual opportunity to truly compete for future leadership roles. Admit that we, too, as leaders are a work in progress and be open to diverse feedback perspectives.
A career is a marathon, not a sprint, but we each run at different speeds and prefer different racecourses. Regardless, we all need coaches and cheerleaders along the way encouraging up the hills, while reflecting upon plateaus and celebrating mile markers. I firmly believe we are at an exciting point in the security industry. The silos are coming down with leaders and industry associations being more intentional in making diversity a developmental priority. In the future, diversity will simply become a natural part of the way we work as security professionals.