The finalists for WashingtonExec’s Chief Officer Awards were announced April 15, and we’ll be highlighting some of them until the event takes place virtually May 27.
Next is Chief Information Security Officer Award finalist Phil Quade, who’s CISO at Fortinet. Here, he talks success in his current role, shaping the next generation of leaders, career advice and more.
What has made you successful in your current role?
If I’ve been successful, I believe it’s at least partly rooted in picking jobs that either haven’t been done before, or are trying to tackle the hardest problems, and by working with strategic, creative and technology-astute people.
Along the way, I’ve learned that it’s important to understand that, oftentimes, many are surprised — even threatened or offended — by the scale or strategy behind the solutions to such problems. But by ensuring you’re in sync with senior leadership’s intent, or in some cases waiting for real-world events to serve as a catalyst for action, you can achieve leap-ahead results that people eventually rally around and use to effect meaningful change.
What are your primary focuses areas going forward, and why are those so important to the future of the nation?
When talking about the future of our nation, you cannot overlook supply chain security: specifically, the abject threat of deeply hidden vulnerabilities in products and services that are used by millions. But an even more imminent concern is the security of operational technology that underpins our critical infrastructures, especially energy, water, transportation and manufacturing.
As we instrument the physical domain — our houses, cars, town squares, and even our bodies — with IOT, the safety, reliability, integrity and privacy of the resulting “cy-phy” (cyber-physical) domain becomes essential to our personal and economic well-being.
How do you help shape the next generation of government leaders/industry leaders?
In looking toward the next generation of leaders, we need to change our use of the word “diversity,” both for practical reasons and for reasons important on national and social levels. We have an opportunity — and a need — to create and employ a large and diverse new workforce, while simultaneously bolstering the integrity and privacy of the domain central to 21st-century economy and governing: the cyber domain.
A vibrant cybersecurity workforce fuels our companies’ innovation and growth, safeguards government services, and strengthens our critical infrastructure, whether in transportation, voting, health care, banking or elsewhere. And importantly, a more inclusive workforce of nondegreed cybersecurity people re-invents and revitalizes the upward mobility aspect of the “American Dream,” serving as a combined economic and social engine.
What’s the biggest professional risk you’ve ever taken?
My biggest professional risks required me to orchestrate national programs, with the authorization and visibility of a small number of people in national leadership, for which the purpose was not intuitive nor explainable to others (and therefore often vocally opposed).
In some sense, knowing you’re doing the right thing helps, but a week-to-week focus on something that others don’t understand or support can alienate good, smart people who you know you’ll want to work with again down the road. More generally though, most jobs have risks that are not well-understood by all, so having a “the facts” strategy, a plan and being good communicator serves any manager well.
What’s your best career advice for those who want to follow in your footsteps?
I’ve learned that if you establish your own personal definition of a healthy work-life balance, you can “have it both ways.” You can achieve a successful career while never underprioritizing your family. Such a formula, conveyed day-to-day to the teams you lead, sets up the organization for long-term success, rather than success that depends only on heroic short-term surges.