How I Landed My CIO Job: While serving as the interim CIO at Malwarebytes, Greg Higham and company leaders recognized the great fit and decided to make it permanent.
Heller Search: Tell me about your career prior to your CIO position at Malwarebytes.
Greg Higham: I had come out of a successful exit at Marketo, where I was part of the team that took the company through a successful IPO and subsequent sale. After Marketo, I co-founded Periscope Group, a company focused on bringing a digital footprint to a historically analog business - drug and medical device complications and failures. I built that business from the ground up along with my co-founder and then handed it off to her to take forward.
Following that I headed back into my more traditional CIO role and joined a group of some of my favorite Bay Area technology executives as a Partner at StrataFusion Group, doing executive technology consulting and interim C-level work.
How did the CIO opportunity at Malwarebytes come your way?
I was introduced to Marcin Kleczynski, the CEO of Malwarebytes, through one of my StrataFusion partners, Mark Egan. The previous CIO had left, and Marcin was looking for someone to come in and help him rethink IT at the company.
Initially, I came on in the interim CIO capacity, so one of my assignments was to find a permanent CIO. I wasn't looking for a full-time CIO position myself, I was having a lot of fun consulting with my partners at StrataFusion Group, but Malwarebytes and I quickly discovered a great fit and decided to make it a long-term relationship.
Looking back, what led you to consider turning this into a full-time CIO position?
There are three things that are important to me as I evaluate opportunities. One is the people. Starting with this impressive 30-year-old CEO and the executive team that he is building around himself and right on through the company, the people and the culture here are very, very special.
The second thing that is important to me is the company and the market opportunity. Being in the information security space, the company is clearly quite relevant.
The third thing I look for is my ability to have an impact. There's plenty of opportunity for that here at Malwarebytes. I've been doing this for 30 years, and I know how to help scale and transform an organization as we look towards maturation, compliance, and alignment of IT with the needs of the business. As Malwarebytes continues to grow, I am confident that my experience and expertise will be quite valuable in helping to successfully scale the company.
What did Malwarebytes need in its new CIO?
Experience optimizing and maturing the IT organization -- taking this very fast-growth, wonderfully entrepreneurial spirit and bringing in some lightweight process and a focus on scale, coupled with a business-centric approach to IT.
Who do you report to?
The CEO, Marcin Kleczynski.
What is the current headcount in IT?
About 35 people, which is appropriate for where we are in our journey. I always strive to keep my teams lean and mean, working to be smart about our investment and ensuring our spend is directly correlated to achieving relevant business goals.
Related Post: How I Landed My CIO Job,
What have you been working on?
The thing that I've been most focused on is realigning the team towards a business-focused approach rather than a technology-centric one. It's not about racks and stacks, speeds and feeds anymore. We now need to think about what we are doing to help Sales sell more, how we’re helping Engineering produce a better product more quickly, etc. – basically how we are supporting our business partners in achieving their deliverables. That includes making sure that I'm bringing the right resources to bear to on each opportunity or challenge.
Also, I need to make sure we are architecting the IT fabric in a way that will support the business's go-forward growth, taking a scaled view that looks out three to five years.
In the spirit of bringing effective process to help ensure alignment, I’ve created an IT steering committee. My vice president of business applications and I meet once a quarter with the other functional executives to review what we're focused on and ensure cross-functional alignment and agreement. After all, these are not IT projects, they're business projects, so I want the business to have a voice and ownership in that, and together, we make critical investment and prioritization decisions. Then our job is to work closely with the business and our vendors to deliver against that roadmap, and to regularly report on it.
What does ‘digital transformation’ mean at Malwarebytes?
We're a Silicon Valley technology company, and as such, it’s a bit different for us. We were born and raised in the cloud. This is what we do. Our transformation focus is more about optimizing investments in this SaaS environment we live in. For example, when I joined, we had multiple LMSs, CRMs, etc., so part of my responsibility is to bring added maturity around application portfolio consolidation with an emphasis on business requirements, scalability and security.
In this very tight market for talent, especially in Silicon Valley, how do you attract and retain great people?
I have several assets at my disposal. Starting with being based in Silicon Valley, with our global offices strategically located, allows us to be near the talent we need. The second asset is this very special company, space, and culture. Anybody who spends time with the company gets to experience that very quickly. It is something that was extremely obvious to me early on. We have a team of some of the best and the brightest in the security industry. And the best and brightest like to be surrounded by more of the best and brightest. So, we offer very competitive compensation packages and we also surround our top performers with top performers. The result is rather impressive.
There is a lot of talent in Silicon Valley, but there's also a lot of demand for that talent.
It's certainly not the least expensive place to acquire talent. You just need to make sure that you're the place that top talent wants to work, and we strive hard to be that. Our employees have a sense of autonomy and purpose in addition to excellent benefits and perks. While great perks are pretty standard in the Silicon Valley today, the autonomy and purpose our employees experience is not something many organizations can offer or sustain.
How do you know when your IT organization is succeeding?
The business and results inform me. We're focused on achieving business success, so we know we're successful when the business is successful. When you have the appropriate alignment and you're being a good partner to the business, it's extremely apparent. I augment this by asking the business for continual feedback.
What new consumer technology do you find exciting personally?
Mobile technology. I'm always on the go, so the plethora of consumer mobile, whether it's a wearable or a tablet or just in my ear, it’s all very cool.
Another example is eReaders. I'm an avid reader, and a very tactile person, so I'd always acquired and consumed hardback books. But recently, I made a transition to digital for all the sensible reasons - portability, access, and ease of use. Now I read everything on my iPad and I haven't purchased a physical book in quite some time.
What are you reading now?
I read a blend of fiction and non-fiction, a little bit of everything. On the fiction front, I’m reading the new Jack Reacher novel by Lee Child. On the business side, I’m just starting a book that Marcin recommended titled Never Split The Difference: Negotiating As If Your Life Depended On It, by Chris Voss, an ex-FBI hostage negotiator.
Do you have a favorite place to travel on business?
I’ve had the pleasure and the curse of traveling globally on business for a very long time, and I always enjoy discovering new cities, new places, new cultures, and new people. But the favorite place to travel for me is home. Though if I had to pick a favorite business destination, Ireland is very high on my list.
Do you have an airport vice?
I basically park myself in the Centurion Lounge and work. I try and be as productive as I can and minimize the time waste that airports entail.
The other thing that I do virtually every time I’m in an airport is to seek out a professional shoeshine. It seems to be the only place you can still get one!
What advice or insight can you share with rising IT leaders?
The IT executive role has fundamentally changed and has gone from being a pure technologist to a business enabler. While you need to be current with, and able to build a team around, appropriate technologies, today’s IT leader needs to have a business-first approach and understand how to partner with his/her functional leaders in order to achieve business results. Knowing how to enable the business and build a team to help grow and scale the company is much more important than standing up servers and installing software.
Anybody considering this role needs to be comfortable with change on a regular basis. What is part and parcel to the CIO role is that every day is different. Things change regularly, and in fact, it's part of the job description to help manage change across the organization. So, if you're change-averse, this is may not be the right role for you.
And lastly, you must have the willingness to not only fail, but to fail fast. If you can develop an environment that allows teams to innovate, investigate, and be curious, and where failure is acceptable, that will help you be more successful.
About Greg Higham
Greg Higham joined Malwarebytes as CIO in January 2019. Higham is a Silicon Valley technology executive with more than 25 years of experience driving technology vision, strategy, global operations management, acquisition integration and scalable business growth. Prior to joining Malwarebytes, he was CIO of Marketo, where he helped navigate a successful IPO and sale to Vista Equity Partners for $1.8 billion.
Malwarebytes proactively protects people and businesses against dangerous threats such as malware, ransomware and exploits that escape detection by traditional antivirus solutions. Malwarebytes completely replaces antivirus with artificial intelligence-powered technology that stops cyberattacks before they can compromise home computers and business endpoints. More than 60,000 businesses and millions of people worldwide trust and recommend Malwarebytes solutions. Founded in 2008, the company is headquartered in California, with offices in Europe and Asia.