In a changing IT landscape, flexibility and adaptability are vital skills to have. Julie Cullivan, the first CIO of Forescout Technologies, a cybersecurity company that specializes in device visibility and control, kept an open-minded and people-focused approach to tech and says it led to opportunities for growth. Starting with a career in finance, Cullivan had no expectations of becoming a CIO, but had the foresight that IT would soon shift toward bringing services to people and teams through technology. Because she was able to connect with teams and empower them with the tools they needed to perform their jobs well, Cullivan became not only Forescout’s first CIO, but its Chief People Officer as well.
Learn more about Cullivan’s take on the importance of versatility and the power of connection with teams in the fourth edition of our How to Become a CIO series.
The Evolution of a CIO
What sort of roles did you take before becoming a CIO? Tell us a little about your career prior to now.
I started out as a finance major and went into corporate finance straight out of school. I thought that’s what my career path was going to be. I was working at Oracle in a finance function when they decided to start taking their business applications to market.
I ended up moving into technical sales and that started me on the path of more of a technical background. I spent a good chunk of my career on the go-to-market sales side of things, but always in a technical role.
And my first job in IT was as CIO at FireEye, so it clearly was not a straightforward career path or within one discipline. I’ve had the opportunity to do a lot of different things and I think for me, it really made [my journey] more interesting, more fun. I’m not a career IT person, but I’m a career high tech person.
How do you think the role of a CIO and the roles of those who report to them have changed over time? Is it mostly job duties that have changed? Have team dynamics changed? What’s your take on that?
I would say for us [at Forescout], it doesn’t necessarily manifest itself in a variety of different titles. The reality is that the job itself has changed and the conversations with your business partners has changed. The role has evolved considerably because of the need for IT to focus on connecting the organization. The connection can be from a collaboration perspective, or from an integration and automation perspective. I think before, there’s a lot of focus on things like, “How do I manage, maintain and upgrade on-prem systems” and stuff like that. The evolution of cloud has allowed people to think about different ways to solve problems, because they’re not always focused on the ongoing maintenance and support of a bunch of existing systems because someone else does that for you now. But what becomes really important is, again, being able to think about things from a process automation and an end-to-end perspective and how do you tie these things together.
Because there’s this pendulum of best of breed, then there’s the idea of choosing a platform that maybe doesn’t solve 100% but around 90% of your needs. Reality is we’re in a mode right now where people can go out and very quickly buy and deploy solutions that solve very specific problems. It’s IT’s job, therefore, to make sure that it’s thought about from a security perspective and a data privacy perspective. And then more importantly, how does this integrate with the rest of the systems and ecosystem that we have.
Prepping for a CIO Role
What was the most memorable thing you can recall about transitioning from a non-CIO role to your first CIO job?
My major revelation was that when I was making that decision, I thought about all the CIOs I had partnered with in my previous lives and how much I challenged them. And perhaps I did not always appreciate how difficult their side of the equation was and what their challenges were.
There was a bit of karma in the whole thing. Now, I’m the person that everyone is coming to you saying, “Hey, these are my priorities and things aren’t moving fast enough” or “I need some focus and attention on these things.” So I think [that lesson] was very valuable to me because I had been in their shoes so I could understand the business problems. I started to get a better appreciation for how difficult it is to manage all those priorities and to make everybody happy, and help them accelerate whatever their projects are.
I think I’ve always thought that the CIO role is really a business role, even though many people don’t tend to think of IT as a business function. And I think in a lot of cases, the CIO often understands more about the end-to-end business and some of the functional partners themselves. I really encourage my team to understand what the business is trying to do and not just focus on what tools and technology might solve that problem, but to really think about it from a business perspective
Do you recommend finding a specialty to further enhance your technical credibility?
I would say early in your career, there’s a lot of value in getting really good at a specific set of skills or systems and building some expertise and discipline. I think as you move up, that’s your opportunity to kind of really say, “Hey, how do I think more broadly about the goal?” So I’m not necessarily a fan of thinking that starting at the entry level, functional role or staying within one discipline is the only path to get to the top. I think the time to start looking at how to get more experiences and learn different functions and rules is after you’ve established yourself as being really good at something. Some of what you learn just has to come with doing it, living it, experiencing it – making some mistakes and learning from those mistakes.
Breaking Down the Roles of a CIO
How much would you say project management factors into the role of a CIO?
I think you have to have a track record of excellent execution and delivery. This means that you have to show adaptability along the course of a project. And it’s funny, I have over the years – because I’ve done a lot of operational work – have sometimes gotten the label of not being strategic. Planning is super strategic. Being able to execute on a complex project and deal with the ups and downs is strategic. Being able to think three steps ahead and identifying some risks, is strategic. So I would say that it’s really important, but it’s also important to make sure that you show your ability to look at things from a bigger picture perspective.
How much does real-world experience in IT governance and risk management play a factor? Is there a certain amount of experience one should have prior to the role?
I think it’s huge. When I was a relatively new CIO, I can distinctly remember the team coming to me with a very important decision that needed to be made around a disaster recovery initiative. And they came to me and there were definitely two camps and neither of them were on the same page. And so they said, “Hey, now this is your problem. You need to help us get to alignment here.” And I initially thought I didn’t have deep knowledge into disaster recovery models and strategies. I realized very quickly that it really is all about business acumen and being able to look at things in terms of risk/reward. So I think it’s really important.
I’m a compliance governance fan. I think I’ve adjusted my perspective considerably to try and look at things with a lightweight approach and to implement some discipline without making it feel like heavy governance.
What is the most important skill for a CIO to have that’s not technical? How do you suggest someone hone it?
I think almost all the skills are not technical. I mean, don’t take me wrong, by the time you get to [the CIO role], the organization, size and everything plays a role. I think reality is, you’re not able to get as deep technically in a lot of things compared to your team. You may have once in your career, but over time those things slip further away. I think your job now is all about communication, collaboration, leadership, and cultivating teams. I think it’s almost 80% soft skills. You have to be sharp and understand technology, stay top of what’s going on technically, but also you’re going to build a team of experts in those disciplines.
Trust but verify. You want to do everything you can to make sure that your team and those people or individuals you serve are successful as well. So, there’s that balance of giving them some leeway and being comfortable with making mistakes and managing them and guiding them in the right direction.
CIO Best Practices to Follow
Did you find any particular resources useful as you were going up the ladder?
I would say for the first two thirds of my career, a lot of my focus was on experience, working hard, and proving myself. I wasn’t really thinking about networking. Of course, I had to do some amount of it, but I really did not put a lot of energy into networking until I became a CIO at FireEye.
That’s when I got a lot more focused on needing to build a network and looking at how to accelerate my success as a CIO. I went from being a SVP of Marketing and Sales Operations to becoming a CIO. And in that transition, I realized that I didn’t have a whole lot of CIOs in my network that I could just call up and say, “Hey, how are you handling this?” And so I very quickly started to connect with a bunch of other CIOs and specifically CIOs in similar scenarios.
A Note to Future CIOs
Is there any final advice you’d give to someone hoping to become a CIO one day, whether they come from a Systems background or just overall?
Think about all the things that got you to where you are. Remember what your strengths are and recognize your weaknesses. Be very aware of that and make sure that as you move into something new, whether it’s a CIO role or something else, that you bring in people that help compliment you in those areas.
Also, don’t just think because something worked at your last company – some rule, system or technique – that you have to do the same thing. Be really open to the fact that every company is different in how they approach things. The ending result may be the same, but how you get there may be different depending on whom you’re working with and the culture and where that company is from a maturity level, et cetera. You just have to really be flexible and adaptable.