Issues

Cybersecurity Technology & Innovation
About Related Content

Recommended Reading

Breaking trust: Shades of crisis across an insecure software supply chain

Report Jul 26, 2020

Breaking trust: Shades of crisis across an insecure software supply chain

By <span>Dr. Trey Herr, William Loomis, Stewart Scott, June Lee</span>

Software supply chain security remains an under-appreciated domain of national security policymaking. Working to improve the security of software supporting private sector enterprise as well as sensitive Defense and Intelligence organizations requires more coherent policy response together industry and open source communities.
Cybersecurity Defense Technologies
Supersize cyber

NATO 20/2020 Oct 14, 2020

Supersize cyber

By <span>Safa Shahwan Edwards</span>, <span>Will Loomis</span>, <span>Simon Handler</span>

NATO should adopt a digital .2 percent policy whereby member states commit to spend .2 percent of their gross domestic product on cybersecurity and digital defense modernization.
Cybersecurity Europe & Eurasia

In the News Jan 22, 2021

Loomis and Scott in Lawfare: A role for the vulnerabilities equities process in securing software supply chains

By Nicole Meir

On Jan. 14, something unusual happened—the National Security Agency (NSA) publicly announced that it had discovered a critical vulnerability (CVE 2020-0601) deep within Windows 10 and reported it to Microsoft for patching. The disclosure was lauded because of the bug’s severity; buried in a cryptographic library, it would have allowed opportunistic attackers to decipher encrypted […]
Cybersecurity

Events

Online Event Fri, November 3, 2023 • 11:00 am ET

Joining forces: Veteran perspectives on cyber and tech workforce development
Cybersecurity
Online Event Tue, December 14, 2021 • 3:00 pm ET

Charting course: Next steps for maritime cybersecurity with allies and partners
Cybersecurity Europe & Eurasia Indo-Pacific Maritime Security

All Content

Article

Sep 27, 2023

Kink in the chain: Eight perspectives on software supply chain risk management

By <span class="gta-embed--tax--expert gta-post-embed--tax--expert" >Cyber Statecraft Initiative</span>

Software supply chain attacks are popular, impactful, and are used to great effect by malicious actors. To dive deeper on this topic, we asked eight experts about these threats and how policymakers can help protect against them.

Cybersecurity United States and Canada

Trackers and Data Visualizations

Sep 27, 2023

Software supply chain security: The dataset

By <span class="gta-embed--tax--expert gta-post-embed--tax--expert" >Will Loomis, Stewart Scott, Trey Herr, Sara Ann Brackett, Nancy Messieh, and June Lee</span>

Want to dive deeper into the Breaking Trust database? You have come to the right place.

Cybersecurity United States and Canada

In-Depth Research & Reports

Jul 18, 2023

The National Cybersecurity Strategy Implementation Plan: A CSI Markup

By <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Trey Herr</span>, <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Stewart Scott</span>, <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Maia Hamin</span>, <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Will Loomis</span>, <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Sara Ann Brackett</span>, <span class="gta-embed--tax--expert gta-post-embed--tax--expert">Jennifer Lin</span>

On July 13, the White House released the Implementation Plan for the 2023 US National Cybersecurity Strategy. Read along with CSI staff, fellows, and experts for commentary and what the NCSIP means for the Strategy.

Cyber Strategy Cybersecurity
Load More

Will Loomis is a nonresident fellow with the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs. He is also a risk and resilience advisor in the Office of the Chief Security Officer at Berkshire Hathaway Energy.

Loomis previously served as a senior policy advisor at the Cybersecurity and Infrastructure Security Agency, where he led the agency’s policy work on critical infrastructure security and resilience and offensive cyber operations. Before that, he was an associate director with the Cyber Statecraft Initiative, where he led the program’s work on critical infrastructure cybersecurity and software supply chain risk management. He was also formerly the chair of Young Professionals in Foreign Policy’s Cybersecurity Policy & Technology Discussion Group and an organizer for policy at the DEF CON hacking conference.

Originally from New York, he holds a BA in political science, with a focus on international relations and securities studies from Colgate University. He is also a certified bourbon steward.