CIO Spotlight: Sheila Carpenter, Zix

What does good culture fit look like in your organisation? “I think the key to cultivating a good culture in an organisation involves leading with empathy, communicating transparently and ensuring employees feel accepted, respected, and have room for growth.”

IDGConnect_ciospotlight_suppliedart_sheilacarpenterzix_1200x800
Zix

Name: Sheila Carpenter

Company: Zix | AppRiver

Job title: Chief Information Officer

Date started current role: June 2019

Location: Greater Ottawa Metropolitan Area

 Sheila Carpenter joined Zix in June of 2019 as Chief Information Officer. Carpenter oversees security, IT, business applications and compliancy. Before coming to Zix, Carpenter was Vice President of IT, Cloud Services Operation for Entrust Datacard. She has worked in the software IT space for over 25 years. She began her career working with business information systems at Mitel Networks, and worked with many startups to implement SaaS offerings, introduce security frameworks and IT service management capabilities. With a strong commitment to promote diversity in security, Carpenter launched the Women’s Network of Ottawa for Entrust Datacard and has also implemented the Women in Security group at Zix | AppRiver.

What was your first job? I began my career working with business information systems at Mitel Networks and worked with many start-ups to implement SaaS offerings, introduce security frameworks and IT service management capabilities.  

Did you always want to work in IT? Although I have worked in the software IT space for over 35 years, my plans started out differently and took multiple detours along the way. My background was initially in business. I was once a salesperson responsible for selling parts for airlines, and once I decided I wasn’t a salesperson, I was provided an opportunity to do forecasting. From there I grew as a business analyst, project manager and then finally landed it IT and security.

What was your education? Do you hold any certifications? What are they? My background was business; I started doing my family’s books for a small business when I was a teenager, I went to University for Commerce and realised I did not want to be an accountant very quickly. However, this gave me the basis of what I truly feel is very important for an IT professional understanding business rather than just technology.  I don’t hold any certifications but did make sure I understood the frameworks for PMI, CSSP, Salesforce Administrator, Sales training, customer success, devops, devops security, budgeting, strategic planning and how to become a good manager.

Explain your career path. Did you take any detours? If so, discuss. My career took me a lot of places before I settled in IT. I started as a business analyst, where typically people would follow routes in administration, marketing, or accounting. Being between finance and data teams, it felt natural to become a project manager as I understand how the business could optimise operational productivity. From there, I started working in and security. In 2001, I joined Entrust Inc. to lead the company’s IT, security, cloud services, as well as the compliancy and risk programs for SOX and trust certifications. Since then, I have worked as the Director of Global IT and Security for Entrust DataCard, and spearheaded the integration between the two companies, establishing necessary certifications for the security team. In 2016, I became the VP of Cloud Services and led the migration of production workloads to a cloud-based platform with continuous delivery and automation, playing an instrumental role in obtaining CPI-CP certification for credit card creation. In 2019, I joined Zix | AppRiver as CIO.

What business or technology initiatives will be most significant in driving IT investments in your organisation in the coming year?  In the coming year, Zix’s initiatives will focus on proving the economics of security. Our customers need a single view into their security strategy and it’s ROI.  

We are a cloud organisation now, and we want to focus on how we can secure those cloud applications and control access to them.

What are the CEO's top priorities for you in the coming year? How do you plan to support the business with IT? Dave Wagner, CEO, and I have a few initiatives we are working on at Zix:

Developing and implementing a middleware software solution that will allow the companies Zix acquires to “bolt-in” and sell within our existing Secure Cloud infrastructure. This will provide a unified service, logon and platform interface to our users or as I also like to call it creating a “single-pane of glass”. The primary focus when talking to our customers is that our Secure Cloud can serve as their single pane of glass that unifies data across various applications and can quickly scale to fit businesses' unique needs, all in one place.

One part of my team is responsible for driving our internal security processes, which include running continuous audits and executing the findings from those audits. As a security company, ensuring we have high standards for our own processes is critical.

We are putting the infrastructure in place that will allow us to focus on expanding in new markets, such as EMEA, with a focus in Germany and the UK. Currently, we are making sure the infrastructure is stable and making any changes as the rollout continues this year.

Does the conventional CIO role include responsibilities it should not hold? Should the role have additional responsibilities it does not currently include? Previously CIOs were often viewed as business blockers and the position was primarily viewed as an internal role tasked with aspects like ensuring employee devices were secure and up to date. Now, CIOs are seen as business enablers and are being given a seat at the table when a business is being acquired, or a new product is rolling out so that they give input on how secure the company is or how the new solution’s revenue will impact the rest of the organisation.  

Today’s CIOs should be focused on protecting the enterprise while also allowing the rest of the business to do their jobs. The disruption that has taken place over the last year has upended a lot of technology and workplace norms. CIOs are well-positioned to help the rest of the leadership team understand the how emerging technology trends could impact the business, as well as the end-customer, and they should be proactively flagging this to the broader team.

Are you leading a digital transformation? If so, does it emphasise customer experience and revenue growth or operational efficiency? If both, how do you balance the two? Since all Zix’s applications were already in the cloud, we didn’t have to worry about the digital transformation aspect of getting to the cloud. Like many organisations, however, we had a new wave of digital transformation in the last year and executed many priorities in virtual settings which created unique challenges for our IT team. In the Fall of 2020, we made an international acquisition while being completely remote during the pandemic. Once that acquisition was complete, we had to make sure that the new product services integrated with the existing platform, while also continuously working on creating one seamless single pane of glass for our customers so they only have one platform to log into where they can access all their dashboards.

In addition, while leading our customer support organisation, my team and I are also creating operational efficiencies to support retention. It is critical we provide the phenomenal experience that Zix customers and partners have come to expect be delivering on metrics on call time, resolutions, ticket volume and more.

Describe the maturity of your digital business. For example, do you have KPIs to quantify the value of IT? When the pandemic hit, and everyone had to start working from home, we thought there may be some worry for KPIs on technical support. However, we continued to hit all our metrics, and never shut down. This seamless transition to remote work and continued business is a true example of the maturity of our digital business. The phone kept ringing and making sure that we had that phenomenal support that our partners and customers expect was being delivered. To ensure this level of support was given, we looked at call response times, resolutions, NPS scores and more.

What does good culture fit look like in your organisation? How do you cultivate it? I think the key to cultivating a good culture in an organisation involves leading with empathy, communicating transparently and ensuring employees feel accepted, respected, and have room for growth. At Zix, our HR team is a big driver of this and they conduct surveys, employee interviews and more to ensure are making data centric decisions for our team. We are able to gain actionable insights to create a place where people feel welcome and are invested in the success of the company.  

We have a culture of always learning and I make sure that my team has the time and resources to invest in themselves. This means having access to certifications, ongoing education and new skill development. One of the first things I did when I got to Zix was to create a career path for the IT team and begin a mentorship program within my team, specifically focused on our females security leaders. I had two goals– 1) Introduce them to different security specialties so they can uncover their passion and 2) Help them chart a plan for growth. 

What roles or skills are you finding (or anticipate to be) the most difficult to fill? There isn’t necessarily a problem with finding people who have the skills to fill roles, rather fighting for talent against other companies who are also recruiting for them. There is a high demand for people in IT, automation, security, DevOps, and DevSecOps. In this new age of remote or hybrid work, employees don't necessarily need to work in the office to do their job. The talent can be anywhere, and you can work remotely, making it more challenging to recruit.

What's the best career advice you ever received? The best advice I had ever received is to be patient – a mentor once told me “always give yourself at least six months in a new job”. The person who gave me the advice explained that it is important to give yourself time to adapt to the culture and company processes. Because you’re coming in with a different point of view, it's important to really see how things work internally. So, give yourself six months to adapt to the environment, understand the culture and start to make an impact.

Do you have a succession plan? If so, discuss the importance of and challenges with training up high-performing staff. This is an area that I think is important not just for the company to be successful but also to make sure we are elevating new leaders. I do have a career path now in the IT department which has increased team engagement and already lead to employees taking on managerial, team lead and growth roles. I work with the team to create special projects for high performing team members so they can discover their passion and I can put a spotlight on their contributions. I find it exciting to be able to watch the growth of my team members and see how empowered they are to do more at Zix and in the security field.

What advice would you give to aspiring IT leaders? I think the best advice to give aspiring IT leaders is to be intentional about the power of your network, and always prioritise continuous learning. Finding likeminded allies and mentors are essential to help you grow and learn. Once you’ve made it, it is also critical to continue the cycle and pay it forward through mentorship. Everyone in my mentorship program is reminded of how special it is to help mentor others and to watch them succeed in the same way they did – which is why paying it forward is essential.

If you know a woman looking to get into IT, or a young girl interested in that scope of career, encourage her to do it. Let’s encourage more girls to join STEM programs through their schools at a younger age. Let’s educate young women on the different types of IT avenues and help them find places they can excel in. Let’s build trust with other women and seek out like-minded women you can grow with. And let’s also not forget our male allies.

What has been your greatest career achievement? My greatest career achievement would have to be seeing those that I have mentored not only just succeeding, but pay it forwarding to others who were once in their shoes.

Looking back with 20:20 hindsight, what would you have done differently? Looking back, I would adapt my words of wisdom now, which is to always be transparent. Communicating openly with members of your team helps clarify expectations, increase engagement, solve problem quickly and ensure ideas are openly shared.  

I find that leading a large team, and a team that is on the frontline to our customer experience, it is especially critical to make sure processes are defined and understood, feedback is escalated and collaboration is prioritised. Effective communication is the best means to ensure this all happens.

What are you reading now? I am currently reading two different books: Forged in Crisis: The Power of Courageous Leadership in Turbulent Times Book by Nancy Koehn. How Women Rise: Break the 12 Habits Holding You Back from Your Next Raise, Promotion, Or Job Book by Marshall Goldsmith and Sally Helgesen.

Most people don't know that I… I’m already trying to better my new granddaughter's self-esteem for when she grows up. I’ve already pulling information for her from a book I purchased called Dear Girl, a book that encourages girls to always be themselves and to love who they are—inside and out.

In my spare time, I like to…I enjoy running, yoga, and being on the water at my cottage in Ottawa, Canada. As an empty nester, my husband and I of 30+ years enjoy our two dogs and visits from both of our children.

Ask me to do anything but… but swim with snakes - I am really scared of snakes.