Issues

Cybersecurity Technology & Innovation
About Related Content

Recommended Reading

Breaking trust: Shades of crisis across an insecure software supply chain

Report Jul 26, 2020

Breaking trust: Shades of crisis across an insecure software supply chain

By Dr. Trey Herr, William Loomis, Stewart Scott, June Lee

Software supply chain security remains an under-appreciated domain of national security policymaking. Working to improve the security of software supporting private sector enterprise as well as sensitive Defense and Intelligence organizations requires more coherent policy response together industry and open source communities.
Cybersecurity Defense Technologies
Supersize cyber

NATO 20/2020 Oct 14, 2020

Supersize cyber

By Safa Shahwan Edwards, Will Loomis, Simon Handler

NATO should adopt a digital .2 percent policy whereby member states commit to spend .2 percent of their gross domestic product on cybersecurity and digital defense modernization.
Cybersecurity Europe & Eurasia

In the News Jan 22, 2021

Loomis and Scott in Lawfare: A role for the vulnerabilities equities process in securing software supply chains

By Nicole Meir

On Jan. 14, something unusual happened—the National Security Agency (NSA) publicly announced that it had discovered a critical vulnerability (CVE 2020-0601) deep within Windows 10 and reported it to Microsoft for patching. The disclosure was lauded because of the bug’s severity; buried in a cryptographic library, it would have allowed opportunistic attackers to decipher encrypted […]
Cybersecurity

Events

Online Event Fri, November 3, 2023 • 11:00 am ET

Joining forces: Veteran perspectives on cyber and tech workforce development
Cybersecurity
Online Event Tue, December 14, 2021 • 3:00 pm ET

Charting course: Next steps for maritime cybersecurity with allies and partners
Cybersecurity Europe & Eurasia Indo-Pacific Maritime Security

All Content

In-Depth Research & Reports

Oct 4, 2021

A system of systems: Cooperation on maritime cybersecurity

By William Loomis, Virpratap Vikram Singh, Dr. Gary C. Kessler, Dr. Xavier Bellekens

The MTS is not monolithic; it is a markedly complex “system of systems.” This section segments the MTS into three discrete systems—ships, ports, and cargo—each with its own life cycle, in order to highlight areas of risk and leverage for policy makers and the industry.

Cybersecurity
Maritime Security

In-Depth Research & Reports

Oct 4, 2021

Introduction: Cooperation on maritime cybersecurity

By William Loomis, Virpratap Vikram Singh, Dr. Gary C. Kessler, Dr. Xavier Bellekens

It is imperative to establish at the outset that there is no silver bullet for maritime cybersecurity. This report is intended to deliver a more complete and operational plan to better protect the MTS by focusing on building upon, broadening, and deepening the priorities put forward by the National Maritime Cyber Plan by focusing on three key principles: risks and standards, information and intelligence sharing, and creating a maritime cybersecurity workforce.

Cybersecurity
Defense Technologies

Report

Sep 13, 2021

Cyber defense across the ocean floor: The geopolitics of submarine cable security

By Justin Sherman

The vast majority of intercontinental global Internet traffic—upwards of 95 percent—travels over undersea cables that run across the ocean floor. The construction of new submarine cables is a key part of the constantly changing physical topology of the Internet worldwide. However, this dependence is not matched by increased security, leaving our undersea cables—the core of the global internet—at risk.

Cybersecurity
Europe & Eurasia
Load More

Will Loomis is a nonresident fellow with the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs. He is also a risk and resilience advisor in the Office of the Chief Security Officer at Berkshire Hathaway Energy.

Loomis previously served as a senior policy advisor at the Cybersecurity and Infrastructure Security Agency, where he led the agency’s policy work on critical infrastructure security and resilience and offensive cyber operations. Before that, he was an associate director with the Cyber Statecraft Initiative, where he led the program’s work on critical infrastructure cybersecurity and software supply chain risk management. He was also formerly the chair of Young Professionals in Foreign Policy’s Cybersecurity Policy & Technology Discussion Group and an organizer for policy at the DEF CON hacking conference.

Originally from New York, he holds a BA in political science, with a focus on international relations and securities studies from Colgate University. He is also a certified bourbon steward.