Paul Michaels
Chief Security Officer, Fortinet Federal
Paul Michaels led the rollout of an enterprisewide security compliance framework to strengthen readiness across Fortinet Federal’s public sector portfolio. The effort included aligning with evolving Defense Department security mandates, most notably preparing for the rollout of CMMC 2.0 as the program shifts from voluntary adoption to mandatory enforcement. The integrated approach keeps the company ahead of regulatory changes while supporting agency missions securely and efficiently.
In his volunteer role as chairman of the board for the Cyber AB, Michaels helped guide the national implementation of CMMC across the defense industrial base. His work has supported the development of assessment ecosystems, fostered stakeholder engagement and advanced education strategies critical to the program’s success. He credits the Fortinet Federal board for backing both public service and industry leadership, making this work possible.
Fortinet Federal is driving cost-saving cybersecurity solutions through automation and zero-trust architecture, enabling government agencies to modernize defenses, accelerate secure access, and consolidate overlapping security tools — reducing overhead while enhancing agility in line with federal efficiency goals.
“Paul’s leadership in both corporate and volunteer roles has been instrumental in preparing our company—and the broader DIB—for upcoming CMMC requirements,” said Steve Hoffman, Fortinet Federal president. “His forward-leaning approach to risk, compliance, and government partnership is setting a new industry benchmark.”
Why Watch
In 2025, Michaels’ team is heavily focused on unifying overlapping compliance mandates— such as NISPOM, CMMC and FedRAMP—into a streamlined, scalable security architecture that safeguards mission-critical operations while reducing administrative burden and improving overall efficiency.
“This year has been about building security coalitions, simplifying compliance, and helping the entire defense industrial base prepare for CMMC enforcement—internally through Fortinet Federal, and externally through our volunteer work at the Cyber AB,” he said.
Fun fact: Michaels is training for the Army Ten-Miler and preparing to compete in his third Spartan Race—pushing himself both mentally and physically while applying the same resilience and discipline he brings to his professional work.