Cyber Statecraft Initiative

  • IRGC Change of Command Signals Tehran’s New Offensive Approach

    In a sudden announcement on April 21, Iran’s Supreme Leader appointed General Hossein Salami, the former deputy commander of the Islamic Revolutionary Guards Corps (IRGC), as the elite force’s new head. 

    Supreme Leader Ayatollah Ali Khamenei had extended the tenure of the former IRGC top commander, General Mohammad Ali Jafari, by another three years in 2017 after he had served for a decade. The decision to replace him with Salami was unexpected and premature.

    Read More
  • Cybersecurity: Changing the Model

    pdfRead the Publication (PDF)
    The current model of cybersecurity is outdated. Adversaries continue to grow more sophisticated and outpace advancements in defense technologies, processes, and education. As nation states enter into a new period of great power competition, the deficiencies in current cybersecurity practice, evidenced by the growing number of successful cyber-attacks from Russia, China, North Korea, and others, pose a greater threat.
    The need to update the cybersecurity model is clear. An enhanced public-private model – based on coordinated, advanced protection and resilience – is necessary to protect key critical...

    Read More
  • 5G Access Key to Competing Globally, Says Former Homeland Security Secretary Chertoff

    A tweet can reveal your location, an Apple Watch monitors your health, a grocery chain loyalty card allows the supermarket to track your purchases. All of this constitutes what Michael Chertoff describes as “digital exhaust”—data that we constantly and unconsciously emit. The challenge this poses is how to protect that data in an increasingly interconnected world.


    Even as governments grapple with this challenge, “we also should consider the next generation of technology that is going to support the Internet—and that is 5G,” said Chertoff, who served as secretary of the US Department of Homeland Security from 2005 to 2009.


    Read More
  • An ‘Increase in Clarity’ in US Cyber Strategy

    In the year since the US Cyber Command was elevated to a unified combatant command there has been an “increase in clarity” on the US cyber strategy, specifically on the Department of Defense’s role, and an “alignment in the law,” US Air Force Brig. Gen. Timothy D. Haugh, commander, Cyber National Mission Force at US Cyber Command, said in Washington on April 23.

    “What we are focused on in terms of military activities in cyberspace is…not about what the Department of Defense’s role is, it’s how can we enable our international partners, our domestic partners, and industry to be able to defend those things that are critical to our nation’s success,” said Haugh.


    Read More
  • The United States is Adapting to the Cyber Challenge, Says Top DHS Official

    One of the United States’ top cybersecurity officials noted the progress the US government has made in engaging potential domestic and international targets of cyberattacks, but argued that “information sharing is the minimum bar” the federal government should clear. According to Christopher Krebs, the director of the Cybersecurity and Infrastructure Security Agency in the Department of Homeland Security, “we have to get beyond information sharing… to operationalizing information security.”

    Krebs, who spoke at the eighth annual International Conference on Cyber Engagement (ICCE) in Washington, DC, on April 23, argued that more action is needed to defend US businesses and critical infrastructures as hostile nation states are ramping up their attacks on US entities.


    Read More
  • International Engagement Key to Building Cyber Resilience

    US and international cybersecurity officials called for greater international cooperation to combat Internet crime and malign cyber activity during the 8th annual International Conference on Cyber Engagement (ICCE) in Washington, DC, on April 23.

    David Koh, who serves as commissioner of cybersecurity, chief executive of the Cyber Security Agency, and defense cyber chief in Singapore’s Ministry of Defense, called for likeminded nations to establish “a rules-based cyberspace based on applicable international law and the adoption of voluntary operational norms.” Koh argued that other global common spaces, such as maritime and aviation, are governed by complex international rule systems, and “cyberspace should not be any different from the physical domains.”


    Read More
  • Atlantic Council Announces 2019 International Conference on Cyber Engagement

    WASHINGTON, DC – The Atlantic Council’s Scowcroft Center for Strategy and Security will host the eighth annual International Conference on Cyber Engagement (ICCE) on April 23, 2019, in Washington, DC, in partnership with Dentons, PKO Bank Polski, Texas A&M University and media partner The Cipher Brief. Organized since 2011 by Dr. Catherine Lotrionte, Brent Scowcroft Scholar at the Atlantic Council, the conference draws on the experience of government representatives, industry practitioners, and academic scholars to bring a multidisciplinary and global approach to challenges in cyberspace. The last time it was held in 2017, the conference attracted over 800 participants from nearly 400 organizations representing 43 nations.


    Read More
  • Cyber Risk Wednesday: Supply Chain Security in the 21st Century

    On March 27, 2019, the Atlantic Council’s Cyber Statecraft Initiative, housed within the Scowcroft Center for Strategy and Security, hosted a public panel to discuss supply chain cybersecurity. The timely discussion, underwritten by Raytheon, followed on the heels of the March 25 disclosure that computer hardware company ASUS had unwittingly been delivering malicious software to ASUS computer owners via its automatic software update utility. While an estimated one million ASUS computer users were affected in the campaign that Symantec Corporation believes began as early as June 2018, other supply chain attacks, such as NotPetya in 2017, have been far more widespread and damaging, and will certainly grow more so in the future.


    Read More
  • 7th Annual DC Cyber 9/12 Strategy Challenge

    On March 21-22, 2019, the Atlantic Council’s Cyber Statecraft Initiative hosted its seventh annual DC Cyber 9/12 Strategy Challenge. United States Air Force Academy’s team, “Delogrand,” winning first place in the Student Track and National Defense University College of Information and Cyberspace’s team, “NDU Team 3,” winning first place in the Professional Track. Grand prize for both teams was tickets, flights and lodging to the eighth International Conference on Cyber Engagement on April 23 in Washington, DC. “MIISattribution 2.0” of the Middlebury Institute of International Studies at Monterrey and “NDU Team 4” of National Defense University took second place in the Student and Professional tracks, respectively.


    Read More
  • It’s Time for a Cyber Geneva Convention

    We have put almost everything out there in cyberspace—personal data, intellectual property, even access to the controls of critical infrastructure. And we have been woefully deficient in defending it. With each passing day, our nation faces an onslaught of cyber threats from various adversaries, including nation states.


    The good news is that the White House and the Department of Defense (DoD) both have released closely aligned cyber strategies that stress the importance of tackling these threats head-on through partnerships with our allies, the private sector, and between agencies, to “defend forward, shape the day-to-day competition, and prepare for war.”


    Read More