“People may change jobs, but they don’t leave the security industry” – Bonnie Michelman on resilience and relationship building in security

James Moore discusses the importance of industry association engagement and resilience for security professionals, especially in times of crisis, with Bonnie Michelman CPP, CHPA. MBA, MS, who was named IFSEC Global Influencer of the Year in 2022.

The chat also touches upon Bonnie’s role as ASIS President during the 9/11 attacks, and the many security challenges facing the US healthcare sector that Bonnie contends with in her role as Executive Director of Police, Security & Outside Services at Massachusetts General Hospital and Mass General Brigham Corporation.

Bonnie Michelman, Executive Director of Police, Security & Outside Services at Massachusetts General Hospital and Mass General Brigham Corporation

What began as a slight diversion from law school, a master’s degree in criminal justice as well as an MBA has since turned into a hugely successful and rewarding career, explains Bonnie Michelman as we meet on a video call in mid-January.

Based in Boston, Massachusetts, Bonnie is today responsible for managing the security processes and team of the largest healthcare provider in the state, Mass General Brigham, which includes 13 hospitals and hundreds of satellites.

While initial exposure to the security industry began in sales and business development for a technology company, Bonnie quickly found her passion lay closer to operations and management, soon moving to become security manager at a Fortune 500 global organisation, and eventually on into the healthcare sector, where she has remained ever since.

Having now spent 30 years with her current employer, Bonnie has witnessed and dealt with an array of challenging situations and environments in and outside of healthcare security, watched the sector diversify for the better (though acknowledges there is still work to do on this front), and developed her own skillset through a network born out of voluntary involvement with several industry associations.

The full conversation is also available to listen to in Episode 10 of the IFSEC Global Security in Focus podcast, here!

Relationship building and a sense of community

“I’ve been privileged to be president of three international security organisations – the International Security Management Association (ISMA), ASIS International and International Association for Healthcare Security and Safety (IAHSS). I’ve been involved with each as a member and part of their boards for several years, and in doing so, have gained a really strong foundation for not only the security and enterprise risk profession, but also in leadership, bureaucracy and strategic planning skills.

“Security is quite a unique industry, in that there is very little turnover of people to outside of the sector. People change jobs, but they don’t leave the industry. Relationship building, which is enabled by joining associations such as those I’ve been a part of, is so important when you’re doing something that is as mission driven as security is.

“It’s wonderful to do it with other people that have the same passions and challenges that you do. It’s why, in many ways, I see security as a large extended family.”

Speaking to others in the sector – not just in the United States but also in the UK and across the globe – we regularly hear similar sentiments shared by those in leadership positions in security.

Indeed, this sense of  an extended family with shared experiences that sits at the heart of security associations was never plainer than in September 2001.

The attacks on 9/11 shook the world – with the security industry very much at the heart of what had happened and its aftermath. The events struck during Bonnie’s time as ASIS International President, and as she recalls, it was an extremely challenging and emotional environment.

“I probably received, within the first 24-48 hours, over 5,000 emails, calls or messages from ASIS members around the world expressing their support and asking what they could do to help their security peers in the US. It was an incredibly challenging time – understandably, every organisation and public department in the country turned to their security teams to talk about emergency planning.

“We were also due to hold the ASIS GSX Conference just a few weeks later. While we questioned whether we should postpone, I’m so glad we didn’t, looking back at it. The emotion was palpable, but it was probably one of the busiest events we’ve ever put on – it was so clear that security professionals needed to be with their peers to discuss best practices, their own experiences, and develop innovative next steps and procedures.

“As for what came out of it, I created ASIS guidelines which have helped implement significant changes since and helped to create a very different security industry. Organisations suddenly understood the importance and value of security within their own business operation.”

“I probably received, within the first 24-48 hours, over 5,000 emails, calls or messages from ASIS members around the world expressing their support and asking what they could do to help their security peers in the US. It was an incredibly challenging time – understandably, every organisation and public department in the country turned to their security teams to talk about emergency planning.

Developing resilience as a security professional

After her time in both full-time and voluntary roles in the security sector, what does Bonnie thinks makes a good security professional, though?

Interestingly, Bonnie believes the inherent traits all good security personnel have focus on softer skills. Resilience, she explains, is key. It is not an easy environment to work in, and calmness and confidence are crucial in crisis management situations, as well as in dealing with executive teams who don’t always see what you see coming down the road.

“Part of this resilience is also excellent strategic skills, too”, adds Bonnie. “As a security leader, you have to be able to think strategically and critically, and communicate decisions effectively and precisely. With everything going on in the world today, which social media often exacerbates, security professionals have to be the voices of reason. And this comes back to the importance of associations – to do so, we have to ensure we’re continually working with each other on guidelines and standards to keep up best practice and give back to the rest of the security community.”

As part of this ‘giving back’, Bonnie actively mentors and supports other security professionals in their career development. Having originally set up the ASIS International mentorship programme with David Gibbs, she has also taught for 25 years at Northeastern University and set up mentorship programmes for students.

“Mentoring is very important, in any sector. It’s almost like executive coaching that you don’t have to pay for, but mentees have to work at it as well. It’s a two-way relationship – they need to do some introspection and determine where they want to be in five or 10 years’ time, so they can take something away that’s substantial.”

The US Healthcare sector – A growing list of emerging threats

In a recent podcast, we spoke to Roger Ringham, Chair of the National Association for Healthcare Security (NAHS), and Darren Chalmers Stevens from CriticalArc here in the UK. Throughout our discussion, both noted the significant pressures the healthcare sector was under, and the emerging threats that our bubbling under the surface.

Massachusetts General Hospital

It would appear that the same can be said ‘across the pond’. Being responsible for 13 hospitals, over 1,000 site facilities, a major corporate HQ and around 90,000 employees, Bonnie can fairly claim to have an excellent understanding of both the broad and day-to-day security threats the sector faces at present.

COVID-19, inevitably, created several new challenges. While a reduced staff workload due to the direct effects of a global pandemic were difficult to plan for, what was even more difficult to predict was the longevity of the situation, which spiralled into a mental health crisis.

Staff on 12-16 hour shifts who couldn’t hug their children and loved ones due to the contamination risk, or who weren’t able to get into work due to fear of infection, were significantly impacted. Meanwhile, patients who were directly affected by the virus, or who couldn’t access healthcare due to an overloaded mental health support service, could quickly result in problematic and unsafe environments for them and those around them.

Outside of COVID, Bonnie explains that while the sector doesn’t suffer from active shooters to quite the same levels as others in the US, there has been a substantial increase in violence in recent years.

“Violence is an ongoing and significant challenge to my teams and our staff. There are several obvious reasons for this – high levels of stress, patients suffering from behavioural or mental health issues, homelessness or gang violence, for instance – but also from extremist protestors, from everything from stem cell and animal research to anti-abortion and transgender care.

“That’s not to mention the growing cyber threat. We work very closely with our CISO colleagues, running joint investigations when incidents occur and joint emergency preparedness drills, but the cyber risk is very real now.

“So yes, healthcare faces many threats. But what I love about working in this sector is the fact I get to work alongside many incredible colleagues. Both within my team, and those adjacent to us in the clinical departments, we care deeply about taking care of everyone – from staff and employees, to patients and visitors.”

The challenges are clearly apparent, but Bonnie once more points to her additional roles with ASIS, ISMA and IAHSS, and her network of security peers, for pushing her to embrace innovative ways to lead her teams to deal with the many threats.

Bonnie concludes: “The fulfilment I have received from this industry and the mission is immeasurable and has sustained my passion and hard work for many years.”