Through global engagement and thought leadership, the Atlantic Council's Cyber Statecraft Initiative focuses on international cooperation, competition, and conflict in cyberspace.
Cyberspace is similar to many physical realms, but it truly stands apart as a unique domain. Accordingly, while some of the levers of statecraft that deal with cyberspace may be the same as in the real world; some may seem the same yet operate differently, and others may be completely novel. Cyber statecraft will be a key tool to guide policymakers through the maze of regulation in cyberspace.
Our experience is that the education and experience of most diplomats, government executives, and military officers is far more relevant than they have been led to believe. Accordingly, one of the Initiative's main areas of emphasis is to bring together the new field of cyber statecraft with traditional national security and international relations to finally make progress on the many issues vexing the US and other governments.
Entering 2014, and still relatively at the dawn of the Information Age, we face a dilemma with regards to cyberspace and the stakes could not be higher: ensuring the Internet and cyberspace remain at least as free, and as awesome, for future generations as they have been for ours. The Cyber Statecraft Initiative has accordingly made "Saving Cyberspace" the mission to guide its work with many novel concepts and projects to help bring this vision to a practical reality in Washington DC and other national capitals and technology centers.Download the Saving Cyberspace overview
A “Cyber 9/11” or “Digital Pearl Harbor” are common phrases with little exploration of what they actually mean or what we might do afterwards. The Cyber 9/12 Project explores how we should respond the day after a major cyber calamity. The headline Cyber 9/12 Project, part conference and part exercise, is an innovative event which presses leaders in government and private industry to explore day-after responses to a major cyber attack. A parallel event, the Cyber 9/12 Student Challenge, is a student competition devoted to challenging students to create and present high-level policy recommendations for day-after responses to a major cyber attack to a panel of judges drawn from the upper echelons of the White House, Department of Defense, Department of State and leading cyber security firms.
The Atlantic Council, in partnership with Zurich Insurance, is managing a year-long effort to understand the global aggregation of cyber risks which could cause systemic shocks and ways, such as insurance and resilience, to mitigate them. Currently, cybersecurity professionals are looking at cyber vulnerabilities one organization or one nation at a time, without looking at the systemic risk to the overall system. This approach is similar to how the financial sector handled risks prior to the 2008 crisis. Prior to then, financial risks were assessed one organization at a time, not recognizing how a shock to one sector, US sub-prime mortgages, might cascade to take down everyone else. The flagship initiative of the project is the "Cyber Risk Wednesdays" event series which features discussions aimed at reaching a better understanding of the consequences from concentrated and cascading cyber risks and means of mitigating them. Cyber experts dive into topics such as traditional and emerging cyber threats; costs and benefits of using insurance to tackle cyber threats; cascading failures and systemic stability of critical infrastructure and sectors; and role of measurement and data in assessing cyber risks.
Militaries study past wars in the air, sea, and land to learn appropriate lessons. However, even though cyber conflicts have been with us for over two decades, this history is largely ignored, forcing us to re-learn old lessons and repeat mistakes. This project has resulted in the first-ever cyber conflict history book to capture the lasting policy lessons of conflict in this new domain. A Fierce Domain: Conflict in Cyberspace, 1986 to 2012
explores the twenty-six-year history of cyber conflict and analyzes case studies of the most significant cyber incidents. It is the first book of its kind—a comprehensive, accessible history of cyber conflict. A Fierce Domain
reaches back to look at the major “wake-up calls,” the major conflicts that have forced the realization that cyberspace is a harsh place where nations and others contest for superiority. The book identifies the key lessons for policymakers, and, most importantly, where these lessons greatly differ from popular myths common in military and political circles.
Strong cybersecurity, built on reliable and resilient networks, is critical to national and economic security. The path to comprehensive cybersecurity that maintains the Internet as an open, interoperable, secure, and reliable medium of exchange leads through responsible Internet governance. Too often, nations rush first to short-term security solutions, relegating to afterthought strategic decisions surrounding effective governance structures that serve the needs to all Internet users. The Cyber Statecraft Initiative's project on internet governance seeks to broaden this critical conversation with international, public, and private stakeholders.