Barracuda Networks CIO speaks with International Security Journal

Siroui Mushegian, the newly appointed Chief Information Officer (CIO) of Barracuda Networks, discusses leadership and strategic vision with ISJ.

Can you tell us more about your background in security and IT?

My career in IT and security started by chance over two decades ago.

I had initially planned to follow in my father’s footsteps and pursue a career in finance but then I started working for a French software company in New York City.

Eager to learn and ramp up my real world skills, I took on every task I was given.

I found myself managing everything from patching network cables, to running training programs and even selling software solutions.

This experience led me to recognise how immensely influential IT is in enhancing all aspects of a business – it fostered my passion for the field and ultimately shaped the future of my career.

I have been fortunate to work for some large and respected organisations, including Time Warner, Ralph Lauren and even the NBA.

I learned that every organisation has unique needs.

Now, as the CIO of Barracuda, I can leverage that insight to help steer the company’s solution roadmap in a way that best caters to the needs of its broad and diverse customer base.

How would you define your leadership philosophy?

I subscribe to the ‘servant leadership’ philosophy and aim to support my team with a hands-on approach to management and engagement.

I never shy away from ‘getting into the trenches’ and working very closely with all members of my team – helping them to lean in and lean on each other.

To be effective, cybersecurity cannot simply be enforced from the top-down.

Every employee needs to feel empowered and part of the larger cybersecurity vision and mission.

In a high growth organisation such as Barracuda, even the best leaders simply couldn’t go the distance on their own.

When stakeholders collaborate, we move faster.

And, while the role of a CIO may be seen as that of a technologist, I would argue that interpersonal abilities are most important in an IT leader’s set of skills.

Having and developing this area of expertise translates to an enhanced ability to bridge the gap between IT and management and better obtain real time feedback from frontline defenders, both of which are essential to continuously enhancing the organisation’s security posture.

In the IT industry, how important is it to limit technology silos to improve security and operational efficiency?

I find myself speaking about this very topic on a weekly, if not a daily basis.

It is one of the most fundamental prerequisites to enhancing both security and operational efficiency.

Silos create an environment where duplication thrives and critical assets that need to be protected are unaccounted for and can be left out of governance plans and security frameworks. 

The solution to eliminating technology silos isn’t a technological one.

IT tools are vital, but the endeavour must be a human one.

Business leaders must first recognise the risk.

Relevant directives and policies need to cascade from the top down and the company needs to introduce transparent governance frameworks and share them with employees in a way that ensures everyone knows about them.

You need to meet your employees where they are – with constant, consistent communication across all the channels they use to get information.

And, finally, you need to put in place appropriate feedback loops so that the process can evolve and adapt.

How vital is it to make cybersecurity both affordable and readily available to a range of business sectors and different sized operations?

Today, since every organisation has some element of technology, the importance of affordable but effective cybersecurity cannot be overstated.

Small businesses are the backbone of the world’s economies – this is certainly true in the UAE where SMEs account for around two thirds of non-oil GDP.

If these organisations lose productivity, revenues or customer confidence due to cyber-attacks, this could have a direct and tangible impact on the national economy.

Further, in today’s globalised economy, even enterprises that have invested millions in building best-in-class cybersecurity infrastructures could be exposed to risk through their supply chains.

We’ve seen this happen with the now infamous Target hack, which was traced back to a phishing attack on a third party contractor.

If cost, availability and complexity are barriers to robust cybersecurity, then stakeholders along the entire value are impacted.

Barracuda is committed to making advanced security accessible to all, and easy to implement, scale, manage and use.

As Barracuda CIO, what is your strategic vision and your plans going forward?

Barracuda is at an exciting and pivotal point in its journey as an organisation – having built up impressive momentum, we are now primed and ready to capitalise on the incredible opportunities for growth that we are being presented with.

From an operational perspective, this means we need to be ready to scale at speed.

In the near term, my focus is on identifying opportunities for optimisation and enhancing efficiencies.

As I roll out projects aimed at achieving these objectives, we’ll prioritise those that drive the most value for the business.

Of course, everything we do will be wrapped in cybersecurity – we are avid users of our own security solutions and work closely with the engineers to test and hone new innovations.