Why one NSA vet picked the private sector as his new gig

In January, Fortinet hired Phil Quade to be the company’s chief information security officer, bringing with him 33 years of experience at the National Security Agency.

Founded in 2000 and based in Sunnyvale, Calif., Fortinet is an IT security firm that specializes in a security including network, data centers, cloud, infrastructure, content, endpoint and application security. The company has just shy of 4,700 employees and reported fiscal 2015 revenue of around $1 billion.

For Quade, Fortinet was an easy choice. “I was looking for a company that was years ahead of others,” he told Washington Technology. It boiled down to the same reason he began working at the NSA: “I wanted to work on the fastest, most dynamic computers available.”

Quade had long wondered about the private sector while he was at NSA, but it is not until this year that he decided to take the leap. In one significant way his role at Fortinet mirrors his role at NSA—talking to C-suite executives about technology and operations.

“Both sides are appealing,” Quade said. “In the government, you have the opportunity to affect national strategy and national policy. That’s the positive side. The positive side of working in the private sector is the agility, the speed, and the innovation in which you can go from idea to solution.”

Industry has a lot of cybersecurity related opportunities to work with the government, Quade said. “From what I’ve seen of the government, not just NSA, is that parts of government are not naturally focused on technology.”

Quade offered up one example: the Interior Department is not relied on to take on the sophisticated threats from foreign entities; however, that does not mean agencies like Interior cannot benefit from increased cybersecurity.

Quade has been with Fortinet about a month and in addition to advising his chief executives on information security, he is working on protecting the company’s information security technology and assets.

He also is focused on shaping and expanding Fortinet’s federal business. “The IT folks [in the federal government] are heavily overburdened professionals, and I think Fortinet can help them transition to private, public, or hybrid clouds with Fortinet security built in.”

Lastly, the company believes that critical infrastructure is something that every company and organization should do their duty to protect. That being the case, Quade and Fortinet are focused on helping collaborate with other vendors to protect the nation’s critical infrastructure, he said.