Advancing Cyber Resilience: Gus Hunt Q&A

Former CTO for the CIA Gus Hunt continues to help protect our nation's most valuable data.


Tell us about your role as the Cyber Strategy Lead at Accenture Federal Services.

I’m honored to be part of this forward-thinking team in our mission to reimagine cybersecurity for the 21st century. I see my position with Accenture Federal Services as an opportunity to take what I have learned and done throughout my career to enhance the cybersecurity posture of our clients. Because cyber breaches will happen—it’s when, not if—we must deliver capabilities that minimize the potential loss that could occur through both malicious and unintentional acts, and enable resilience and operational continuity. All of us on the Accenture Federal Services cybersecurity team believe what we are doing will enable us to make a real difference in our clients’ cybersecurity journey, and ultimately impact the security of the world around us. That’s an exciting proposition, and one that I am personally passionate about.

"The hardest challenge in the government sector—or private—is trying to keep pace with threat velocity. It is truly a case of “it’s never done, never over."

Federal Cyber Strategy Lead

Connect with Gus Hunt on LinkedIn. This  opens a new window. Follow Gus Hunt on Twitter. This opens a new window.

Bringing cloud technology to the intelligence community

You mentioned your prior experiences in the cyber realm. Most notable among these is your role as the CTO for the Central Intelligence Agency, which you held for four years. What were some highlights of your experience there?

When I began at the Agency in 2009, it was at a time when major shifts driven by the social internet, mobility and the cloud were just beginning, and the term “big data” hadn’t entered into the common lexicon. The recession of 2008 had taken its toll on the technology sector and investment was hard to come by. What happened in the latter half of 2009 was an astounding explosion of technological innovation and change, driven by the cloud. Technology leadership had moved to the consumer sector and the velocity of innovation and change was at a pace that traditional “government” approaches could not keep up with. It became clear we needed to find a way to securely use private sector innovation to the intelligence community’s advantage.

In terms of outcomes, what I am most known for is leading the decision to bring commercial cloud technology to the Agency and intelligence community. While it may seem to be an obvious decision today, at the time it was a long and difficult process involving many talented people across the spectrum—technology, operations, contracting, legal and finance. We needed to truly understand the benefits of going commercial versus building our own, and in the end, the key decision drivers were the velocity of innovation and high level of security we could harness by embracing commercial cloud.

Addressing cybersecurity challenges

What do you believe are the top cybersecurity challenges facing agencies today?

The hardest challenge in the government sector—or private—is trying to keep pace with threat velocity. It’s an extraordinary challenge that creates “C-suite exhaustion,” as it is truly a case of “it’s never done, never over.” Cyber is the world’s first frictionless weapon system. The moment anybody releases something into the cyber wild, it’s only a matter of moments before everyone takes advantage of the new opportunity to hack vulnerable systems.

Perhaps the most acute challenge is talent. Agencies need the right talent, and enough of it, combined with the right technologies and approaches to essentially ruin the economics of the hackers’ game.

How has the Internet of Things (IoT) changed the threat landscape?

We live in a perimeter-less world driven by mobility, where security is often an afterthought and the weakest link in our protection chain puts everything else at risk. IoT is estimated to be a multi-trillion-dollar market in the next several years, and the rush to profit from it will supersede security concerns and create an opportunity for massive mischief and wholescale abuse of vulnerable devices.

Government can’t escape it—none of us can. The question is, how do we operate in this new world? We need to rethink how we protect against threats with a focus on identity as the new perimeter, and data-centric security, network segmentation and isolation as default conditions.


What are some of the specific ways in which you guide clients on their cyber journey?

Our ultimate goal is to shift the balance of power away from the adversary and back in our favor. We want to transition our clients from being static attack targets to highly resilient, polymorphic entities. Simply put, it’s hard to hit a moving target.

To achieve that, we work with agencies to create environments and systems that never look the same twice. Even if hackers get a hook in the system, they are stymied. We dynamically isolate what is affected so the agency moves forward to ensure continuity of their operations.

For us, the most important thing we can do is meet our clients where they are in their cyber journey and help them on their way. Like building with LEGO blocks; we start with incremental steps and assemble additional capabilities and sophisticated enhancements on top of that. We should all remember that we got into our current state of cyber affairs one system at a time, and we will get out of it the same way: one system at a time.

When you’re not building with cyber LEGO blocks, what do you like to do to relax?

I’m a firm believer that life is to be enjoyed at work and at play. My family is made up of great outdoor enthusiasts—we bike, travel, ski and play tennis. I have three beautiful granddaughters who are a delight, and I’m also an amateur photographer, which ties nicely to our travel and family activities. I particularly enjoy shooting panoramas and I’ve captured some amazing images so we can look back to the experiences we’ve had together for years to come.


Watch this video of an interview with Gus about the evolving cybersecurity threat landscape.


Bold Ideas: Accenture Labs

One of seven research hubs around the world, our Washington DC Accenture Lab is 100 percent cybersecurity R&D.



Stay In The Know

Receive e-mails from Accenture featuring new content that matches your interests.

Visit the subscription center to make your selections and subscribe to New from Accenture.