Charles Lyons-Burt
While there are a host of potential entry points and motivations for joining the government contracting industry, Bill Cull started in the field due to a genuine passion for the federal space. A self-professed “government geek,” Cull began his career on Capitol Hill, working in the U.S. Senate and the House of Representatives, running multiple congressional campaigns and working for two congressmen as a press secretary and a chief of staff district director. He was subsequently one of the leaders in the initial E-government movement, a push to migrate paperwork and verification processes to the internet.
Cull was recruited by the former mayor of San Diego to head up their E-government program and after working a while in the role, was hired into the software market. Thus began a 25-year career assisting technology companies in creating and marketing programs to serve the government’s mission. He has served in senior leadership positions at companies such as IBM, Splunk, Oracle and Palo Alto Networks. In November, he was recruited by SpyCloud and is now vice president of the U.S. federal business.
In this Spotlight interview, Cull outlined the demands of the new era of cybercrime that has developed over the last decade, the value and risks of open-source intelligence and more.
Can you talk about how cybersecurity has impacted or changed the national security paradigm? What new trends or shifts are you seeing at the intersection of cybersecurity and national security, and how are those trends influencing the public sector today?
Cybersecurity has changed the national security paradigm in ways that we couldn’t have imagined 10 years ago. It has become the primary source, and while human intelligence, signals intelligence and all traditional intelligence sources remain important, cybersecurity now pervades every single agency and critical asset that the government has, making it the number one national security priority.
The biggest challenge is cyber criminals. I think we got used to talking about nation states and actors, and now there are hacking breaches by cyber criminals. SpyCloud’s capabilities help to track down these criminals using identity intelligence and assess trends we’re seeing in the criminal underground. One trend we’ve seen is the shift from nation states to individual actors, acting on behalf of a criminal network. The nation state threat still exists, but cyber criminals today look and feel different than they did 10 years ago.
With the advent of malware, it doesn’t take much for a cyber criminal to gain access. For example, a high-level government worker’s home network in the Washington, D.C. area or their kids’ iPad is a target. Once in, they can branch out. The fact that all of this information is available on the dark web as open-source intelligence to the highest bidder is a key change in the national security paradigm.
What do you think is the biggest threat facing U.S. cyber systems today, and what can be done to protect against that threat?
There is a persistent threat on U.S. cyber systems. To protect against this threat, considering information from an open-source intelligence perspective is crucial. The dark web is a vast source of information on breaches, like a grocery store of stolen data. SpyCloud offers access to open-source intelligence, allowing for a spider-web approach to identity intelligence. You can trace connections from a fake email address to a phone number, IP address, country and relationships with companies. Identity intelligence is poised to deliver a significant blow to attacks on U.S. cyber systems.
What emerging technologies do you anticipate will have the greatest impact on our standing in the great power competition in the next few years? Where are you seeing opportunities for accelerated, meaningful tech growth for the U.S.?
If you examine recent developments, particularly in the news of the day, artificial intelligence and machine learning stand out. As a company, we focus on AI, including data analytics and password cracking with machine learning. This technology drastically reduces the time required for what used to be otherwise be a multi-year effort to crack passwords.
The impact is both positive and negative. Ownership of artificial intelligence comes with the responsibility to prevent distribution to the wrong hands. In the realm of emerging technologies related to identity intelligence, SpyCloud addresses the challenges of anonymous hacks and breaches.
Previously, pursuing cyber criminals was challenging, and one was at the mercy of their actions. With identity intelligence, we can provide comprehensive information on individuals and their associated networks. This often includes physical location, the type of machine they use, their address and more. The technology turns the anonymity of operating on the web upside down. SpyCloud’s vast identity intelligence can assist the federal government, including some of its most critical mission programs, in identifying individuals who wish to remain hidden.
We’ve seen a historic migration within the IC toward more unclassified work, which is sparking changes in the way the IC develops software. Can you elaborate more on the impact that unclass work has had on your organization’s software development?
The exclusive focus on open-source intelligence is intriguing. The sheer size of the dark web, compared to the internet as known by the general public, is vast and filled with potentially harmful information. Working with open-source intelligence allows us to leverage this information to counteract cybercriminals effectively. Our unclassified work plays a pivotal role in various government programs, often related to conflicts, wars, or geopolitical issues featured in the nightly news.
Essentially, anything covered in the media is likely connected to our involvement with the government in an unclassified capacity. For instance, in scenarios where the United States imposes sanctions on another government, and a list of 40 companies is identified, we might contribute by presenting an additional 400 companies that should be sanctioned. Although the raw data we provide is unclassified, the subsequent actions taken by the government and the mission programs are classified. This ability to offer extensive open-source intelligence in an unclassified manner is highly impactful, as demonstrated by the example of identifying companies for sanctions during the conflict in Ukraine.
