Highlighted content

In-Depth Research & Reports

In-Depth Research & Reports Oct 4, 2021

A system of systems: Cooperation on maritime cybersecurity

By William Loomis, Virpratap Vikram Singh, Dr. Gary C. Kessler, Dr. Xavier Bellekens

The MTS is not monolithic; it is a markedly complex “system of systems.” This section segments the MTS into three discrete systems—ships, ports, and cargo—each with its own life cycle, in order to highlight areas of risk and leverage for policy makers and the industry.
Cybersecurity Maritime Security
In-Depth Research & Reports

Report Mar 29, 2021

Broken trust: Lessons from Sunburst

By Trey Herr, Will Loomis, Emma Schroeder, Stewart Scott, Simon Handler, and Tianjiu Zuo

The story of trust is an old one, but the Sunburst cyber-espionage campaign was a startling reminder of the United States’ collective cyber insecurity and the inadequacy of current US strategy to compete in a dynamic intelligence contest in cyberspace.
Cybersecurity Intelligence
In-Depth Research & Reports

Report Aug 31, 2020

Four myths about the cloud: The geopolitics of cloud computing

By Trey Herr

Cloud computing providers are more than companies—they govern vast utility infrastructure, play host to digital battlefields, and are magnificent engines of complexity. Cloud computing is embedded in contemporary geopolitics; the choices providers make are influenced by, and influential on, the behavior of states. In competition and cooperation, cloud computing is the canvas on which states conduct significant political, security, and economic activity.
Cybersecurity Internet

All in-depth research & reports

In-Depth Research & Reports

Oct 4, 2021

Raising the colors: Signaling for cooperation on maritime cybersecurity

By William Loomis, Virpratap Vikram Singh, Dr. Gary C. Kessler, Dr. Xavier Bellekens

Few industries are as critical to the global economy as the maritime transportation system (MTS). However, the efficient operation of the MTS is at risk, as the industry is increasingly vulnerable to cyber threats. The MTS must work to raise its baseline for cybersecurity and better protect its actors from systemic cyber threats going forward.

Cybersecurity Maritime Security

Report

Sep 13, 2021

Cyber defense across the ocean floor: The geopolitics of submarine cable security

By Justin Sherman

The vast majority of intercontinental global Internet traffic—upwards of 95 percent—travels over undersea cables that run across the ocean floor. The construction of new submarine cables is a key part of the constantly changing physical topology of the Internet worldwide. However, this dependence is not matched by increased security, leaving our undersea cables—the core of the global internet—at risk.

Cybersecurity Europe & Eurasia

Issue Brief

Aug 26, 2021

Countering ransomware: Lessons from aircraft hijacking

By Simon Handler, Emma Schroeder, Frances Schroeder, and Trey Herr

Ransomware has plagued organizations for more than a decade, but the last three years have experienced a surge in both the number of incidents and the ransoms demanded. To more effectively counter ransomware, the US government should develop a strategy that draws on lessons learned from addressing a surge in aircraft hijackings through the late 1960s and early 1970s.

Cybersecurity Terrorism

Issue Brief

Jul 12, 2021

Reassessing RuNet: Russian internet isolation and implications for Russian cyber behavior

By Justin Sherman

This issue brief examines recent “RuNet” developments and explores how they could elevate national security risks for the United States and Europe by changing the internet landscape in Russia and potentially shifting Russian cyber behavior.

Cybersecurity Europe & Eurasia

Report

Jun 28, 2021

Collective cybersecurity for the Three Seas

By Safa Shahwan Edwards, Simon Handler, Trey Herr, Adam Marczyński, and Jakub Teska

In Central and Eastern Europe’s Three Seas region, twelve countries have joined together to invest in critical infrastructure projects and increase interconnectivity on energy, infrastructure, and digitization efforts along the way. To strengthen the resilience of these technical investments and better bind together the defensive cybersecurity operations of these societies, Three Seas member states should establish a regional hub for cybersecurity together with key private sector partners.

Central Europe Cybersecurity

Issue Brief

May 10, 2021

What would Winston do? Cooperative approaches toward securing the Five Eyes information environment

By Daniel Dobrowolski, David V. Gioe, and Trey Herr

Given the global prevalence of English, the countries comprising the Five Eyes intelligence alliance should build upon existing proven frameworks to cooperate to secure their shared information environment.

Cybersecurity Disinformation

Report

May 10, 2021

Mission resilience: Adapting defense aerospace to evolving cybersecurity challenges

By Simon Handler, Trey Herr, Steve Luczynski, and Reed Porada

While aerospace presents inherently distinct challenges from other spaces, defense organizations could look to the private sector and adapt commercial practices to implement the principles of resilience.

Cybersecurity Defense Industry

Report

Mar 29, 2021

Broken trust: Lessons from Sunburst

By Trey Herr, Will Loomis, Emma Schroeder, Stewart Scott, Simon Handler, and Tianjiu Zuo

The story of trust is an old one, but the Sunburst cyber-espionage campaign was a startling reminder of the United States’ collective cyber insecurity and the inadequacy of current US strategy to compete in a dynamic intelligence contest in cyberspace.

Cybersecurity Intelligence

Issue Brief

Mar 1, 2021

A primer on the proliferation of offensive cyber capabilities

By Winnona DeSombre, Michele Campobasso, Dr. Luca Allodi, Dr. James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, and Dr. Trey Herr

Offensive cyber capabilities run the gamut from sophisticated, long-term disruptions of physical infrastructure to malware used to target human rights journalists. As these capabilities continue to proliferate with increasing complexity and to new types of actors, the imperative to slow and counter their spread only strengthens.

Arms Control Conflict

Report

Mar 1, 2021

Countering cyber proliferation: Zeroing in on Access-as-a-Service

By Winnona DeSombre, James Shires, JD Work, Robert Morgus, Patrick Howell O’Neill, Luca Allodi, and Trey Herr

The proliferation of offensive cyber capabilities (OCC) presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace. Access as a Service firms offer various forms of “access” to target data or systems, and through these business practices are creating and selling OCC at an alarming rate. It is imperative that governments reevaluate their approach to countering the proliferation of OCC.

Arms Control Cybersecurity
Load More

The Atlantic Council’s Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs, works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more