When NSA employees leave to start their own companies

Zuly Gonzalez and Beau Adkins are co-founders of Light Point Security.
Zuly Gonzalez and Beau Adkins are co-founders of Light Point Security. (Lloyd Fox / Baltimore Sun)

Adam Fuchs and his small team labored for years inside the National Security Agency on a system that would enable analysts to access vast troves of intelligence data and spot hidden patterns.

"We very much had a startup feel," Fuchs said. The team worked in an office at Fort Meade with ideas scrawled across whiteboards and old furniture scattered around.


Their work helped analysts identify terrorist groups. But the ordinarily secretive NSA did something else with the technology: Figuring that others could make use of it, too, the agency released it to the world for free.

And that was when those who had built the tool saw an opportunity. Half eventually left the agency to develop it on the outside. Fuchs and others founded a company.


Their departure exemplifies a challenge facing the NSA: The agency spends years training some of the nation's brightest minds in cutting-edge skills only to watch them take those skills to more lucrative jobs in the private sector.

High-profile hacking incidents, such as the attacks on Sony Pictures Entertainment, the health insurer Anthem and Target have helped fuel the demand for people who can protect computer networks. Intelligence officials say the analysts, engineers and technologists hired after the attacks of Sept. 11, 2001, expect to move from employer to employer over the course of their careers, taking their skills to the highest — or most interesting — bidder.

"What the workforce desires — particularly the younger people — is mobility," Director of National Intelligence James R. Clapper said last month at a security conference in Washington. "They're not too concerned with sticking with one institution for a 30-year lifetime career."

The NSA has tasked a dozen teams with figuring out how to hire and hold onto employees. Human resources director Kathy Hutson uses the motto "Keep them for five, keep them for a career" — but acknowledges the challenge.


"The new workforce we're bringing on board, they want to learn, they want to grow, they want to tackle tough problems, they want to be innovative," she told Federal News Radio this year — and many former employees say the agency does offer those kinds of opportunities.

But Hutson added: "They're going to want experiences that aren't going to be just at NSA."

That has meant a crop of 30-something employees who have left in search of better pay — stories of workers doubling their salaries are common — or to strike out and build something of their own.

Fuchs is now the chief technology officer at Sqrrl, the company he started with former NSA colleagues.

They quickly learned that acting like a startup inside the NSA was one thing; actually building a company from scratch was another.

"It was a big change for us," he said. "There was a lot of risk of leaving our cushy government jobs."

But the payoff can be huge.

One former employee launched a company called Onyara at the end of last year in Carroll County. By August, it was acquired by the Silicon Valley firm Hortonworks in a stock deal worth nearly $40 million.

Former employees say they saw an opportunity to take the skills they had developed inside the NSA, gain some freedom and do something new.

While Zuly Gonzalez was still at the NSA, she spent nights and weekends tinkering with a way to make browsing the Internet safer — always with an eye on leaving to start a company.

Gonzalez worked in the NSA defending networks; colleague Beau Adkins was involved in gathering intelligence. Between them, they thought, they could come up with a clever new approach.

"We knew how easy it was and still is to circumvent traditional security products," she said.

They started working together in 2008 on a technology that creates a layer between a computer and the Internet, and aims to trap any threats in that layer. By 2012, she said, she was no longer willing to deal with the politics involved in getting promoted, and the product seemed ready.

Gonzalez and Adkins called the company Light Point Security and eventually moved into offices near the University of Maryland, Baltimore County campus. Being able to note that they came from the NSA has proved useful when pitching new clients, she said.

"People know that we know things that not everybody knows," Gonzalez said. "They just sort of accept it and it gives us some credibility."

The NSA's leaders say that by appealing to the patriotism of recruits, they can attract talented employees who might make more money elsewhere. Adm. Michael S. Rogers, the agency's director, told lawmakers last month that the importance of the NSA's work is a lure, even if it cannot offer the level of pay available in the private sector.

"It's the power of mission and the sense of serving something bigger than yourself," he told the Senate Intelligence Committee. "That ultimately is the edge that we have. That's not something you can easily replicate on the outside."

But later in the hearing, Rogers acknowledged that some workers were frustrated by the added scrutiny they have faced since former contractor Edward J. Snowden leaked details of the agency's secret programs to the news media.

He said employees have asked him: "Because of the actions of one individual you are now monitoring me, you're now watching my behavior in a way you didn't initially do before? Hey, do I want to work in a place like that?"

And even the attraction of serving the nation in a government job might be weakening for some employees. Will Ackerly deployed to Iraq with the NSA and said he was invested in developing ways to make sure that information was transmitted securely to the troops who needed it.

But over the years, he said, he began to see how vulnerable the public was when exchanging information online. The problem tugged at him; he eventually decided to start a company to solve it.

"I felt like I couldn't ignore it anymore," he said.

Ackerly said the experience he received in eight years on the job at the NSA was invaluable in helping him get the venture off the ground.

"The two things that I brought from there were really good training around how to build secure systems and an appreciation for how information can get compromised," he said.

He founded a company called Virtru in 2012, holing himself and two partners up in a house in Virginia for nine months. Their aim was to develop a way of encrypting email that is easier to use than current tools, which often involve a complicated process of making and trading digital keys to swap messages securely.

There has been a fierce battle over encryption this year. Intelligence agencies and the FBI argue that broader adoption of the technology makes it harder to find terrorists communicating online. Some companies and activists say it is the only way for people to protect their privacy from government spying.

But as all kinds of U.S. businesses and individuals become targets for foreign hackers, Ackerly hopes that his former employer will welcome the adoption of tools of the sort he is developing. Unlike some methods of encryption, messages scrambled using Virtru can still be obtained by investigators who have a warrant.

"It's fighting a war outside of the context of just the U.S. government. Companies and individuals are involved," Ackerly said. "The question is, 'How do we fight back there?'"


Sherri Ramsay, a former senior official at the NSA, said the government and the private sector both have important roles in cybersecurity, because most networks are owned by companies. In her view, a flow of insider knowledge from the NSA to the wider world could help the nation as a whole better fight off hackers.


"The more that commercial industry and academia understand NSA and the federal government and what they're attempting to do, the better," she said. "Movement of our people in and out of those entities is hugely helpful to that happening."