Britney Hommertzheim, Director of information security,  AMC Theatres
Britney Hommertzheim, Director of information security, AMC Theatres

She transitioned from military theaters of operation to movie theater operations, but AMC Theatres Director of Information Security Britney Hommertzheim still knows how to draw up a battle plan when it comes to developing and deploying secure IT processes.

Now in her third year with Kansas City-based AMC, Hommertzheim reports directly to the $3.2 billion theater chain's board of directors, while also serving as the security advisor for AMC's international divisions Odeon Cinemas (Western Europe) and Nordic Cinemas (Scandinavia and the Baltics).

In this capacity, she personally hand-picked a team of professionals to execute a strategy and technology roadmap that she designed to turn AMC into a security-first organization rather than one that settles for a compliance-based approach.

“In the last 12 months AMC has become the largest theatre exhibition company in the world. It is my responsibility to shape the security standards for AMC as an international organization, which includes consistency across all entities and meeting new regulations, such as GDPR,” Hommertzheim says. “Consistency allows for a cohesive understanding and prioritization of risk and enables the security team to effectively manage more by streamlining processes throughout the organization.”

According to Hommertzheim's LinkedIn profile, recent accomplishments at AMC include achieving PCI and SOX compliance, producing new metrics that help monitor for vulnerabilities and security incidents, “improving the correlation between security system reports” through better log management and analysis, and implementing new technologies while refining existing tools.

In the 10 years prior to joining AMC, Hommertzheim specialized in IT with the U.S. armed forces. As the 1st Infantry Division's director of network operations, she was responsible for hardening the unit's network against possible cyber threats. Before that, she provided IT planning services to a task force supporting 31,000 multinational organizations, including all branches of the U.S. military, plus eight independent task forces, 10 allied nations, and seven government agencies.

Hommertzheim describes two key lessons she's taken with her from her military days. First: anticipate change, no matter good your plan may seem.

“Shoot for an 80 percent complete plan. Your plans are bound to change,” says Hommertzheim, the co-founder and the communications chair for Women in Security – Kansas City (WiS-KC) and a board member for the (ISC)2 Kansas City Chapter. “It's better to allow flexibility than to scrutinize over every detail.  You've saved yourself some headaches and save your team the confusion when the plan inevitably changes.”

Her second lesson: “Understand intent. Your team should know your end goal. By doing so, they will deliver better projects, and you will empower them to make better decisions that align with the overall organizational goals.”