Recent analysis

Buying down risk: Cyber liability

Report Jun 25, 2025

Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace 

By Winnona DeSombre Bernsen

If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.
China Cybersecurity
Buying down risk: Cyber liability

New Atlanticist Jun 5, 2025

Cyberattacks are hurting US businesses. Here’s how Congress can upgrade cybersecurity information sharing.

By Tanner Wilburn, Sara Ann Brackett, and Urmita Chowdhury

Hackers are targeting small and medium-sized businesses, and the existing framework for sharing important information is leaving these US companies out of the loop.
Cybersecurity Economy & Business
Buying down risk: Cyber liability

Russia Tomorrow May 20, 2025

Unpacking Russia’s cyber nesting doll

By Justin Sherman

The latest report in the Atlantic Council’s Russia Tomorrow series explores Russia’s wartime cyber operations and broader cyber web.
Cybersecurity Digital Policy

Programs

The Atlantic Council Technology Programs comprises five existing efforts—the Digital Forensic Research Lab (DFRLab), the GeoTech Center, the Cyber Statecraft Initiative, the Democracy + Tech Initiative, and the Capacity Building Initiative. These operations work together to address the geopolitical implications of technology and provide policymakers and global stakeholders necessary research, insights, and convenings to address challenges around global technology and ensure its responsible advancement.

learn more

Content

Buying Down Risk

May 3, 2022

Buying down risk: Cyber liability

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Despite software's ubiquity and omnipresent vulnerability, conventions around liability for software producers are still informal and rarely enforced.

Cybersecurity
Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Memory safety

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Some coding languages, like C and C++, allow for a common, exceptionally dangerous bug called a memory safety error, comprising up to 70 percent of industry vulnerabilities.

Cybersecurity
Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk in the cyber ecosystem: Arguments for the national cybersecurity strategy

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

The private sector has enormous influence over the cybersecurity ecosystem. Security investments stemming from enterprise and prioritizing a more resilient environment over reacting to emerging incidents can have massive impact at scale.

Cybersecurity
Technology & Innovation

UkraineAlert

Apr 30, 2022

Ukraine War Diary: “You can never really get used to the air raid sirens”

By Vitaly Sych

Ukrainian media personality Vitaly Sych has kept a war diary recounting his experiences and observations during the past two terrifying and heroic months as Ukrainians have adjusted to Vladimir Putin’s criminal invasion.

Conflict
Cybersecurity

Conflict, Risk, and Tech

Apr 29, 2022

The 5×5—Addressing the global market for offensive cyber capabilities

By Simon Handler

Five experts unpack the global market for offensive cyber capabilities and the implications associated with the proliferation of hacking tools.

Conflict
Cybersecurity

UkraineAlert

Apr 23, 2022

New stamp captures Ukraine’s resolve to defy Putin and defeat Russia

By Peter Dickinson

A new Ukrainian postage stamp commemorating an iconic act of resistance to Vladimir Putin’s invasion has become a symbol of surging patriotic pride and growing confidence in Ukraine’s eventual victory over Russia.

Civil Society
Conflict

In the News

Apr 22, 2022

White in the Washington Examiner & the Cyberwire on hybrid warfare

By Atlantic Council

VADM Timothy J. White, USN (Ret.) speaks at the annual Joint Service Academy Cybersecurity Summit.

China
Cybersecurity

Report

Apr 21, 2022

Climbing the ladder: How the West can manage escalation in Ukraine and beyond

By Richard D. Hooker, Jr.

Russia’s invasion of Ukraine and NATO’s response increase the possibility of purposeful or inadvertent escalation in Europe. Understanding how these dynamics might impact the war and further degrade transatlantic stability is critical.

Cybersecurity
Defense Policy

In-Depth Research & Reports

Apr 18, 2022

America the Unready: Viking Age lessons for ransomware

By Emma Schroeder

"America the Unready: Viking Age lessons for ransomware" explores the rising tide of ransomware and presents three lessons that the US Government can learn from the English Viking Age about combating persistent, distributed threats through strengthening collective resilience and defense.

Cybersecurity

In the News

Apr 14, 2022

Grieco in Inkstick: Discussing the shades of gray within conflicts

By Atlantic Council

On April 14, Kelly Grieco was featured in Inkstick’s Adults in a Room series on the topic of gray zone conflict.    “Before Feb. 24, 2022, Russia had earned a reputation in the West as a master of the so-called gray zone for its activities in Crimea. President Vladimir Putin had used a combination of […]

Conflict
Cybersecurity
Load More

Experts

Staff

Audrey Roh

Program Assistant

Indo-Pacific Security Initiative Scowcroft Center for Strategy and Security

Cybersecurity Japan

Fellow

Yasmine Abdillahi

Nonresident Fellow

Africa Center

Africa Cybersecurity

Fellow

Chinmayi Sharma

Nonresident Fellow

Cyber Statecraft Initiative

Cybersecurity Digital Policy

Staff

Urmita Chowdhury

Assistant Director, Trainings and Competitions

Cyber Statecraft Initiative

Bengali Cybersecurity

Staff

Sara Ann Brackett

Associate Director

Cyber Statecraft Initiative

Cybersecurity
John S. Park

Fellow

John Park

Nonresident Senior Fellow

Economic Statecraft Initiative Indo-Pacific Security Initiative

Cybersecurity English
Load More

Events

Public Event Mon, January 26, 2026 • 10:00 am ET

AI’s market math: Scarcity, scale, and the deals for value
Artificial Intelligence Cybersecurity