Stacy Hughes, Global Payments
Stacy Hughes came into her role as a key security and compliance executive at Global Payments in a traditional way — one that everyone who has ever been in a classroom can relate to.
"Early in my career at Global Payments, I raised my hand during an IT risk and compliance meeting, stating that I was interested in doing more security work," Hughes said.
It was a move that illustrated her belief that one has to be vocal about career aspirations. That philosophy has guided her through 17 years at Global Payments, the past four in the role of senior vice president of IT governance, risk and compliance.
Read more: The Most Influential Women in Payments, 2020
"I didn't know how successful I might be in the security field," said Hughes, a 2020 PaymentsSource Most Influential Women in Payments honoree. "But I knew it was something that piqued my interest and something I was passionate about. So speaking up for what I wanted put me on the path I'm on today."
That path is arguably one of the most important that a payments executive can travel, as the security of payment credentials and devices continues to be the industry's major challenge.
"In the same way 'payments' no longer means a single point-of-sale device or an e-commerce site, security will also extend beyond protecting something singular like a customer's credit card," Hughes said.
One of the biggest changes the payments industry will see in the next few years, Hughes said, is the need to raise the bar on vendor security compliance. "As payments technology becomes even more embedded with broader software applications and solutions for businesses, those businesses will need to be more vigilant about the security posture of software vendors and be tasked with upholding a higher level of compliance," she added.
The increase in connected devices, as well as the use of apps and cashless payments and wallets, will force companies to look beyond payment credentials for how they keep customers safe, Hughes said.
Hughes' background puts her in a good position to take on these security challenges. In her current role, she has worldwide responsibility for implementing and monitoring clients' information technology and security compliance, including Payment Card Industry security standards.
Before accepting the senior vice president role, Hughes served as Global Payments' Sarbanes Oxley, or SOX, compliance controller. SOX is a federal law instituted in 2002 to provide more protection for financial procedures, accounting and investing.
Hughes also served as an assistant controller and director of external compliance at Global Payments, helping with the company's SEC filings.
She believed obtaining new certifications beyond would help her move up the ladder. In addition to being a CPA and a chartered global management accountant, Hughes is also a certified Information Technology Professional, Risk and Information Systems Control; PCI Internal Security Assessor; and a PCI Professional and Information Security Manager.
However, Hughes also learned all of the certifications in the world don't make one a good leader and manager. She found out the hard way in being passed up for a promotion earlier in her career.
"My boss sat me down and explained that I wasn't delegating enough to my team in order to maximize their talents and achieve optimal success," Hughes said. "At the time, it was very tough to hear this critique and even harder to admit I'm not perfect at everything."
Over time, she used more care in building her team, bringing on members who could handle more complex issues. It allowed her to become more strategic in her role and to spend more time motivating team members, rather than doing their work for them.
"Sometimes as women, we take on the weight of the world and try to be the best at everything, so that feedback was tough to process," she admits. "However, after some reflection, I realized the feedback from my boss was valid and the decision not to promote me at that time was the right one."
After two years of Hughes putting her new habits to work, Global Payments management noticed the progress her team was making and she earned the promotion.
It was a lesson that has shaped Hughes' view of how women can better position themselves for top jobs at their companies.
"One thing keeping women from the corporate suite jobs can sometimes be a lack of self-confidence and hesitation about pushing themselves out of their comfort zone," she said.
They also can't feel guilty about taking leaves for the birth of a child, a health issue or an aging parent. It actually helps assure you build a capable team around you, she said.
"It's important to remember that we can't be everywhere at once and it's more than OK to ask for help," Hughes said. "Everything is not about work, and taking a leave of absence is a meaningful lesson in the work-life balancing act."
When looking to attain a top management position, it ultimately comes down to that classroom tradition of raising your hand.
"If we don't raise our hand and make our career aspirations known, it may hold us back from that next step or career move that may be crucial for putting us on the path to secure a C-suite position," Hughes said.