Delaware officials announced Thursday that the state recently hired Solomon Adote as its top cybersecurity official, filling a gap left in July by the retirement of Elayne Starkey , who had held the position for 13 years. Adote, who began his new role last month, joined the state government after nearly six years as the information security manager for the global chemical manufacturer FMC Corporation.
In a press release, Delaware Chief Information Officer James Collins said Adote “brings a great blend of organizational and tactical information security experience that will be invaluable as our digital government strategy evolves.”
Adote’s chief security officer gig is his second turn with Delaware’s Department of Technology and Information. From 2003 to 2006 he worked as a network analyst and service support administrator before taking a position at QVC, the home-shopping television channel based in West Chester, Pennsylvania. In an interview, Adote credited QVC with providing “some of the toughest lessons” he’s received about information security.
“What people don’t realize is that the most attacked environments are e-commerce,” Adote told StateScoop. “QVC at that time was the second-largest multimedia commerce company in the world.”
While the name QVC conjures for many an image of homebodies dialing a phone number on a television screen to order costume jewelry or cleaning products, the company had shifted to a primarily online business by the time Adote arrived.
“Yes, a few people still call in, but most of our transactions were online,” he said.
And working at QVC from 2006 to 2012 put Adote in the middle of a transformation from traditional, desktop-based commerce to mobile platforms capable of processing hundreds of thousands of transactions per day. The only downtime he got, Adote said, was when they went offline from noon to midnight on Christmas. That often meant “writing code on the fly” and implementing enterprise-level cybersecurity tools just as they were coming onto the market, Adote said.
“We were using Palo Alto [Networks] before people knew what Palo Alto was,” he said. “Inline-packet encryption before people knew what that was. We processed as many credit cards as any company. Literally the auditors lived in our office.”
Adote did not originally set out to be an information security specialist. As a student at Delaware State University, he had trained to become a commercial pilot, and was in the middle of a training flight when the 9/11 terrorist attacks took place. He remembers getting radio silence when he started to land at the airfield in Cheswold, Delaware.
Jobs in the aviation industry dried up after 9/11, and Adote shifted by landing with an IT consulting firm. He also took community college courses, and later completed a master’s program in computer information technology at Regis University, a private Jesuit institution in Denver.
Adote left QVC in early 2012 to take over FMC’s global cybersecurity operations, a position in which he oversaw the supply chains for chemicals used in agriculture around the world. The role gave Adote an early experience with the so-called “internet of things” in developing security protocols for devices like temperature controls on large industrial equipment. It also put him in charge of a 90-person team responsible for the cybersecurity of the 7,000-person corporation that had dozens of offices around the world.
Now back with Delaware, Adote is in charge of a 12-person office responsible for safeguarding the state government’s plans to continue digitizing its services. Among the recent projects the state’s embarked upon are a text-to-911 service, digital drivers’ licenses and exploring blockchain technology for record-keeping . Those initiatives and others give Adote plenty to do from a security perspective.
“What I intend to do is really assess what we do now and come up with an information security program that is based on the premise of service,” he said.
One goal Adote said he’s especially keen on pursuing is that of “identity as a service,” or a single sign-on that can be used to access services across the entire state government. He said a public-facing project like that could give Delaware residents a better sense of what the state cybersecurity office does.
“As a citizen, one of the things I’m challenged with is that there are multiple third-party providers offering services on behalf of the state,” he sad. “They’re collecting all this sensitive information from you. They can see you’re in the system. I’d like to see us do that. If [the state does] that, you can take that identity and add services on top of that like getting a driver’s license or buying an apartment.”
State employees will likely be the first customers to get a single-sign-on service, Adote said.
In the mean time, he said returning to Dover will keep him busy, but not so busy he can’t climb back into the cockpit, which often proved impossible when FMC was bouncing him around the world.
“Every year my wife says ‘I’m buying you flight time,’ but then I’m traveling the whole year,” he said. “One thing [in Dover] is that [Delaware State University] is right around the corner, so I’m trying to get back into it.”