Content Type: Article

The eight body problem: Exploring the implications of Salt Typhoon

By Cyber Statecraft Team

The Cyber Statecraft community and friends offer their thoughts on the implications of the Salt Typhoon campaign based on what is known to date, what the campaign says about the last four years of cybersecurity policy, and where policymakers should focus in the months ahead.

The role of data in improving cyber insurance pricing

By Alphaeus Hanson

In order to improve cybersecurity through cyber insurance, the private sector should aggregate cyber incident data to inform risk models and in turn, more accurately price cyber premiums.

The great despiser: The BSA, memory safety, and how to make a good argument badly

By Stewart Scott

Memory-safe programming languages are in the cyber policy mainstream, but some hesitation remains. Looking at the arguments around memory safety is informative for larger cyber policy debates too.

Kink in the chain: Eight perspectives on software supply chain risk management

By Cyber Statecraft Initiative

Software supply chain attacks are popular, impactful, and are used to great effect by malicious actors. To dive deeper on this topic, we asked eight experts about these threats and how policymakers can help protect against them.

Modernizing critical infrastructure protection policy: Seven perspectives on rewriting PPD21

By Will Loomis

In February of 2013, then President Obama signed a landmark executive order - Presidential Policy Directive 21 (PPD 21) - that defined how U.S. Departments and Agencies would provide a unity of government effort to strengthen and maintain US critical infrastructure. Almost a decade later, evolutions in both the threat landscape and the interagency community invite the US government to revise this critical policy.

Atlantic Council and Krach Institute for Tech Diplomacy at Purdue Launch Global Tech Security Commission

Keith Krach and former Estonian president Kersti Kaljulaid will lead nonpartisan commission of international leaders to develop global tech security strategy to counter techno-authoritarianism Washington, DC, May 26, 2022 – The Atlantic Council and Krach Institute for Tech Diplomacy at Purdue announce the launch of the nonpartisan Global Tech Security Commission to safeguard freedom from technological […]

The consequences of a US overreaction to the perceived threat of terrorism

By Christopher Preble

In the twenty years since 9/11, for example, favorable attitudes toward the United States have declined globally, with some of the sharpest declines in key US allies like Germany and the United Kingdom.

“The Hultqvist Doctrine”: Swedish security and defence policy after the Russian annexation of Crimea — Wieslander in Defence Studies journal

By Anna Wieslander

Abstract: “This article analyses how Sweden has adapted to the worsened security situation in its vicinity following Russia’s illegal annexation of Crimea and war in Eastern Ukraine. The paper builds on security policy research focused on neoclassic realism and small state strategies in order to explore how the, broadly unknown, security policy from 2009 has […]

Extremist communications: The future is corporate

By Jennifer A. Counter

Digital platforms have enabled white supremacists such as The Base to build out networks in North America, Europe, and Australia, and provide extremist groups with a low- to zero-cost means to disseminate their messages.