Sun, Jul 26, 2020
Software supply chain security remains an under-appreciated domain of national security policymaking. Working to improve the security of software supporting private sector enterprise as well as sensitive Defense and Intelligence organizations requires more coherent policy response together industry and open source communities.
Wed, Oct 14, 2020
NATO should adopt a digital .2 percent policy whereby member states commit to spend .2 percent of their gross domestic product on cybersecurity and digital defense modernization.
Fri, Jan 22, 2021
Loomis and Scott in Lawfare: A role for the vulnerabilities equities process in securing software supply chains
On Jan. 14, something unusual happened—the National Security Agency (NSA) publicly announced that it had discovered a critical vulnerability (CVE 2020-0601) deep within Windows 10 and reported it to Microsoft for patching. The disclosure was lauded because of the bug’s severity; buried in a cryptographic library, it would have allowed opportunistic attackers to decipher encrypted […]
William Loomis is an assistant director with the Atlantic Council’s Cyber Statecraft Initiative within the Scowcroft Center for Strategy and Security. In this role, he manages a wide range of projects at the nexus of geopolitics and national security with cyberspace. Prior to joining the Atlantic Council, he worked on market research and strategy at an emerging technology start-up in Madrid, Spain.
Originally from New York, he holds a BA in Political Science, with a focus on International Relations and Securities Studies from Colgate University.