Content

Report

Sep 26, 2022

Security in the billions: Toward a multinational strategy to better secure the IoT ecosystem

By Patrick Mitchell, Liv Rowley, and Justin Sherman with Nima Agah, Gabrielle Young, and Tianjiu Zuo

The explosion of Internet of Things (IoT) devices and services worldwide has amplified a range of cybersecurity risks to individuals’ data, company networks, critical infrastructure, and the internet ecosystem writ large. In light of this systemic risk, this report offers a multinational strategy to enhance the security of the IoT ecosystem. It provides a framework for a clearer understanding of the IoT security landscape and its needs, looks to reduce fragmentation between policy approaches, and seeks to better situate technical and process guidance into cybersecurity policy.

Cybersecurity Internet of Things

Article

Sep 22, 2022

Assumptions and hypotheticals: Second edition

By Emma Schroeder

In the second "Assumptions and Hypotheticals," we explore various topics, including the cyber sovereignty debate, the question of an attribution threshold, and the utility of cyber tools in crisis escalation.

Cybersecurity

Issue Brief

Sep 19, 2022

Untangling the Russian web: Spies, proxies, and spectrums of Russian cyber behavior 

By Justin Sherman

This issue brief analyzes the range of Russian government’s involvement with different actors in the large, complex, and often opaque cyber web, as well as the risks and benefits the Kremlin perceives or gets from leveraging actors in this group. The issue brief concludes with three takeaways and actions for policymakers in the United States, as well as in allied and partner countries.

Cybersecurity Russia

Blog Post

Sep 15, 2022

Policy hackers take Vegas

By Will Loomis, Safa Shahwan Edwards, Trey Herr, Stewart Scott, and Sarah Powazek

Every year, in the early August heat, thousands of hackers from around the world head to Las Vegas, Nevada for a series of cybersecurity conferences known as Hacker Summer Camp. This year, the Cyber Statecraft Initiative – and a few friends – decided to ship out to see what all the hype is about.

Cybersecurity

Report

Sep 14, 2022

Dragon tails: Preserving international cybersecurity research

By Stewart Scott, Sara Ann Brackett, Yumi Gambrill, Emmeline Nettles, Trey Herr

A quantitative study on whether legal context can impact the supply of vulnerability research with detrimental effects for cybersecurity writ large through the coordinated vulnerability disclosure process (CVD), using recent regulations in China as a case study.

China Cybersecurity

Airpower after Ukraine

Aug 30, 2022

Air denial: The dangerous illusion of decisive air superiority

By Maximillian K. Bremer and Kelly A. Grieco

The air war in Ukraine challenges traditional paradigms of air superiority. US and allied air forces must instead contemplate air denial strategies.

Cybersecurity Defense Technologies

Airpower after Ukraine

Aug 30, 2022

Early lessons from the Russia-Ukraine war as a space conflict

By David T. Burbach

The Russia-Ukraine war may be remembered as the first two-sided space war, offering four preliminary lessons for future conflicts.

China Cybersecurity

Airpower after Ukraine

Aug 30, 2022

Information warfare in the air littoral: Talking with the world

By Zachary Kallenborn

Information operations play a crucial role in generating mass in the air littoral, the airspace between ground forces.

Cybersecurity Disinformation

Airpower after Ukraine

Aug 30, 2022

Will robotized fire power replace manned air power?

By Peter Wilson

Russia's aerospace campaign points toward the increased robotization of deep-strike systems in modern warfare.

China Cybersecurity

Airpower after Ukraine

Aug 30, 2022

The role of electronic warfare, cyber, and space capabilities in the air littoral

By Zachary Kallenborn

Electronic warfare, cyber, and space operations are critical to successful information operations in the air littoral fight.

Cybersecurity Defense Technologies

Experts