• An ‘Increase in Clarity’ in US Cyber Strategy

    In the year since the US Cyber Command was elevated to a unified combatant command there has been an “increase in clarity” on the US cyber strategy, specifically on the Department of Defense’s role, and an “alignment in the law,” US Air Force Brig. Gen. Timothy D. Haugh, commander, Cyber National Mission Force at US Cyber Command, said in Washington on April 23.

    “What we are focused on in terms of military activities in cyberspace is…not about what the Department of Defense’s role is, it’s how can we enable our international partners, our domestic partners, and industry to be able to defend those things that are critical to our nation’s success,” said Haugh.

    Read More
  • The Threat of AI to Energy Security

    The energy industry has become increasingly vulnerable to cyber threats as a result of rapid digitization. Cyberattacks against electricity grids, pipelines, and other critical energy infrastructure have long evolved from being mere nuisances to becoming serious security challenges.

    Yet in terms of potency, most regular computer viruses pale in comparison to up-and-coming malware based on artificial intelligence (AI). In the near future, this highly disruptive breed of malware will usher in a new era of threats to the energy industry, allowing hostile actors to wreak havoc on a scale hitherto unknown.

    Read More
  • Utilizing the Human Element to Mitigate Today’s Sophisticated Cyber Threat Landscape

    The Office of Management and Budget (OMB) released a risk report earlier this year that delivered some sobering cybersecurity news to federal agencies. According to the OMB, a majority of agencies with cybersecurity programs in place are at significant risk of attack. As noted in the report, “agencies cannot detect when large amounts of information leave their networks.”

    This revelation provides perspective to the recent prediction from Cybersecurity Ventures that global cybersecurity spending will increase steadily to exceed $1 trillion from 2017 to 2021; and, the cost of cybercrime around the world will rise to $6 trillion annually by 2021. Inherently, something is wrong with any prediction that correlates increased spending on...

    Read More
  • Our Critical Infrastructure is More Vulnerable Than Ever. Here's What We Can Do About It.

    Critical infrastructure—from the electric grid to public transportation—is under assault as cyber attackers gain a foothold in the United States.

    When the US Department of Homeland Security (DHS) released its cybersecurity strategy in May, it laid out seven goals to help the government better defend the United States and its infrastructure against the constant onslaught of sophisticated cyber threats.

    Read More
  • Hacker-Powered Security: Voices on Coordinated Vulnerability Disclosure

    The event “Hacker-Powered Security: Voices on Coordinated Vulnerability Disclosure” hosted at the Atlantic Council’s headquarters on Tuesday, September 18, 2018, celebrated the launch of the comic book, It Takes a Village: How Hacktivity Can Save Your Company—an endeavor of the Atlantic Council’s Cyber Statecraft Initiative supported by HackerOne, a company that connects ethical, white-hat hackers with companies and government agencies to find and disclose vulnerabilities through bug bounties or Vulnerability Disclosure Programs (VPDs).

    Read More
  • Election Interference: Emerging Norms of Digital Statecraft

    On September 12, 2018, the Atlantic Council’s Cyber Statecraft Initiative launched an issue brief, Defining Russian Election Interference: An Analysis of Select 2014 to 2018 Cyber Enabled Incidents. As the extent of foreign interference in domestic elections over the world becomes clear, an essential first step in combatting cyber-enabled interference is developing a common terminology that can then guide strategy going forward.

    Read More