CIO Spotlight: Colin Murphy, KnowBe4

What business or technology initiatives will be most significant in driving IT investments in your organisation in the coming year? “… increasing our effectiveness through process automation.”


Name: Colin Murphy

Company: KnowBe4

Job title: CIO

Date started current role: April 2020

Location: Clearwater, Florida

Colin Murphy is an IT executive with over 13 years of experience in security and software development in telecommunications, energy deregulation and the financial industries. He is currently chief information officer for KnowBe4, where he is responsible for information technology strategies and systems to ensure they support the organisation’s goals and high-level business objectives. Previously, Murphy led two companies to acquisition where the buying factor was the IT systems and software. He holds the CISSP and CEH cybersecurity industry certifications.

What was your first job? I worked at a bagel shop in California. I opened in the mornings and then by early afternoon, I went to school. I learned really quickly that I am not a morning person, and I would do everything in my power to not have another job that required waking up at 4 a.m.  

Did you always want to work in IT? I was passionate about technology at a very young age. I knew I wanted to do something with technology, but my passion was security and reverse engineering before that was thought of as a career path. Throughout college, I did a lot of consultant IT work and knew that it was the path I wanted to continue pursuing.

What was your education? Do you hold any certifications? What are they? I took the hardest route possible with school. I tested out of high school and started college far too young. I bounced around through different programs before moving to Florida and finding out about the NetSec program at a local college. It was a pilot that was in partnership with (ISC)2’s new certificate program, CISSP. I think that was a major turning point for me due to the fact there was now a path that closely aligned with my interests. It was an excellent program that exposed me to the challenges a true enterprise environment would potentially face. The certifications that I hold include CISSP and CEH.

Explain your career path. Did you take any detours? If so, discuss. I would define the path I took more as mandatory side quests. I have had many different roles that spanned various, disparate industries. My first real job was unreal, as I travelled around in private jets with huge budgets and bleeding-edge technology (private equity). Years later, I was chasing another dream in a third-world country dragging generators and petrol cans to the front of my office building to keep the computers running (energy deregulation). No matter what I was doing, it felt like I was working towards a bigger goal.  

What business or technology initiatives will be most significant in driving IT investments in your organisation in the coming year? Replacing major systems that we have outgrown and increasing our effectiveness through process automation.

What are the CEO's top priorities for you in the coming year? How do you plan to support the business with IT? Continue to ensure that we maintain our high level of customer satisfaction. That means creating solutions that scale across the globe and decrease the effort it takes to accomplish a work task. We are able to support it by identifying inefficiencies and engineering simple solutions that easily scale.

Does the conventional CIO role include responsibilities it should not hold? Should the role have additional responsibilities it does not currently include? This really depends on the environment. Here at KnowBe4, we have four C-levels that drive the effectiveness of our technology initiatives and information security policies. If we did not have a CISO, then those typical responsibilities would become my responsibility. The same applies to the CCO, CTO and CISO, all roles which cover the organisation from external customers and vendors to internal staff and compliance.

Are you leading a digital transformation? If so, does it emphasise customer experience and revenue growth or operational efficiency? If both, how do you balance the two? Yes. The primary focus is operational efficiency.

Describe the maturity of your digital business. For example, do you have KPIs to quantify the value of IT? We are a data-driven organisation, so everyone works from metrics and quarterly OKR’s.

What does good culture fit look like in your organisation? How do you cultivate it?  High level, a good culture fit is someone who loves what they do, believes in our mission and has the willingness to persevere through tough challenges. You have to be comfortable with total transparency throughout the organisation. We cultivate it by ensuring everyone is well trained, well supported and given the opportunity to contribute to a vast array of projects and initiatives.

What roles or skills are you finding (or anticipate to be) the most difficult to fill? Highly technical roles that require more than five years of experience. Developers, SREs, ERP admins are in high demand with a definite shortage in the hiring pool. I believe part of the problem is the uncertainty the pandemic has brought to the world.

What's the best career advice you ever received? Be your own boss. When I was young, I thought this solely meant to not work for anyone but yourself and make your own hours. Over time, I learned that it was more applicable to challenging oneself to do better and demanding that through failure and success, something usable was learned.

Do you have a succession plan? If so, discuss the importance of and challenges with training up high-performing staff. I do not.

What advice would you give to aspiring IT leaders? Dig in and really understand the processes and tasks you will someday ask others to do. Keep it simple and focus on the core foundational domains. The buzzwords and newest tech gadgets change like the wind and have little to do with leadership and more to do with spending money.

What has been your greatest career achievement? As cliché as it sounds, it was joining an organisation like KnowBe4 and being able to contribute at a high level to the continued success of the organisation.  

Looking back with 20:20 hindsight, what would you have done differently? Career wise? Absolutely nothing. Financially? Held onto a few thousand bitcoin.

What are you reading now? True Faith and Allegiance (Tom Clancy) and Sandworm (Andy Greenberg). There is also the daily routine of reading up on new open-source projects and security research.

Most people don't know that I… prefer to keep a low profile. As a security researcher in a previous life, I spent a lot of time keeping my name out of articles and not contributing to social media. It is for this reason that I offer new hires to KnowBe4 the chance to find out my real birthday through online research and I will buy them a coffee.

In my spare time, I like to…Take my family on spontaneous adventures or start random projects that force me to learn something completely new. Notice I did not say complete the random projects…that’s because my 77 Camaro is only half restored after four years.

Ask me to do anything but… Sing or dance.