Wednesday, March 11, 2009

Only leaders can change the system

First, off topic, I recently started reading "Blog Schmog" by Robert W. Bly. Ho hum, maybe this blogging business isn't so great after all!

Back to topic, a former CEO at my POE was fond of saying "Most problems are system problems", and then eventually following that with "Only leaders can change the system". Turning this idea to digital security, how does an IT person positively effect change, especially if he is not endowed with a strong mandate from C-level management?

Three ideas that I have gleaned along the way are thus: (I'm being extremely lazy here and only crediting the person; I should have a hyperlink to the document... Blog Schmog, I guess you are right!)

First: Marcus Ranum argued that fear as a motivator is unethical and that the security pro should try to get security incorporated at the very beginning of projects.

Second: Richard Bejtlich suggested that we have our mechanisms in place (i.e. forensic-friendly) so that when the digital trainwreck occurs, we can step in and give the reassuring words "We can help".

Third: Unfortunately, I can't remember this source, but this expert actually prescribed a good dose of fear, especially in these lean economic times. His view was that idealistic views would not go far given the economic climate.

For myself, I seem to be having trouble with all of the above, except maybe the second.
