Cyber Statecraft Initiative

The Cyber Statecraft Initiative works at the nexus of geopolitics, technology, and security to craft strategies to help shape the conduct of statecraft and to better inform and secure users. This work extends through the competition of state and non-state actors, the security of the internet and computing systems, the safety of operational technology and physical systems, and the communities of cyberspace. The Initiative convenes a diverse network of passionate and knowledgeable contributors, bridging the gap among technical, policy, and user communities.

The Atlantic Council Technology Programs comprises five existing efforts—the Digital Forensic Research Lab (DFRLab), the GeoTech Center, the Cyber Statecraft Initiative, the Democracy + Tech Initiative, and the Capacity Building Initiative. These operations work together to address the geopolitical implications of technology and provide policymakers and global stakeholders necessary research, insights, and convenings to address challenges around global technology and ensure its responsible advancement.

learn more

Staff

Trey Herr

Senior Director

Cyber Statecraft Initiative

Cybersecurity Digital Policy

Staff

Safa Shahwan Edwards

Director, Capacity Building & Communities

Cyber Statecraft Initiative

Cybersecurity Spanish

Staff

Nikita Shah

Senior Resident Fellow

Cyber Statecraft Initiative

Cybersecurity Intelligence

Staff

Nancy Messieh

Deputy Director, Visual Communications

Cyber Statecraft Initiative

Staff

Stewart Scott

Deputy Director

Cyber Statecraft Initiative

Cybersecurity Disinformation

Staff

Morgan McMurray

Associate Director, Capacity Building

Cyber Statecraft Initiative

Cybersecurity Digital Policy

Staff

Jen Roberts

Associate Director

Cyber Statecraft Initiative

Cybersecurity French

Staff

Emma Schroeder

Associate Director

Cyber Statecraft Initiative

Conflict Cybersecurity

Staff

Nitansha Bansal

Assistant director

Cyber Statecraft Initiative

Artificial Intelligence Cybersecurity

Staff

Sara Ann Brackett

Assistant Director

Cyber Statecraft Initiative

Cybersecurity

Staff

Urmita Chowdhury

Assistant Director, Trainings and Competitions

Cyber Statecraft Initiative

Bengali Cybersecurity

Fellow

Winnona DeSombre Bernsen

Nonresident Fellow

Cyber Statecraft Initiative

China Chinese

Fellow

Danielle Jablanski

Nonresident Fellow

Cyber Statecraft Initiative

Cybersecurity Technology & Innovation

Fellow

Will Loomis

Nonresident Fellow

Cyber Statecraft Initiative

Cybersecurity

Fellow

John Speed Meyers

Nonresident Senior Fellow

Cyber Statecraft Initiative

Cybersecurity Technology & Innovation

Fellow

Wendy Nather

Nonresident Senior Fellow

Cyber Statecraft Initiative

Cybersecurity English

Fellow

Katie Nickels

Nonresident Senior Fellow

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity Technology & Innovation

Fellow

Megan Samford

Nonresident Senior Fellow

Cyber Statecraft Initiative

Cybersecurity Technology & Innovation

Fellow

Chinmayi Sharma

Nonresident Fellow

Cyber Statecraft Initiative

Cybersecurity Digital Policy

Fellow

Justin Sherman

Nonresident Fellow

Cyber Statecraft Initiative

China Cybersecurity

Fellow

Margaret Smith

Nonresident Senior Fellow

Cyber Statecraft Initiative

Cybersecurity Security & Defense

Fellow

Josephine Wolff

Nonresident Senior Fellow

Cyber Statecraft Initiative

Cybersecurity Internet

Issue Brief

Jun 14, 2022

Victory reimagined: Toward a more cohesive US cyber strategy

By Emma Schroeder, Stewart Scott, Trey Herr

US policy is on two potentially divergent paths: one that prioritizes the protection of American infrastructure through the pursuit of US cyber superiority, and one that seeks an open, secure cyber ecosystem.

Cybersecurity Security & Defense

The 5×5

May 12, 2022

The 5×5—Reflections on trusting trust: Securing software supply chains

By Simon Handler

Five experts discuss the implications of insecure software supply chains and realistic paths to securing them. 

Cybersecurity Defense Technologies

Tech at the Leading Edge

May 9, 2022

Assumptions and hypotheticals: First edition

By Yumi Gambrill and Emma Schroeder

The first edition of “Assumptions and Hypotheticals” considers several ongoing debates, including the escalatory potential of cyber operations, the measure of deniability created through the use of proxies, and the offense-defense balance in cyber engagements. 

Cybersecurity

Buying Down Risk

May 3, 2022

Buying down risk: Container security

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Industry’s move towards container architectures provides great promise for dynamic systems and service provision, but it also brings up new concerns and opportunities for the cybersecurity ecosystem.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Open source software

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Open-source software underpins most modern code, and the unique incentives and constraints its developers face pose a tricky set of challenges for the cybersecurity ecosystem.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Complexity management

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

The ever-increasing complexity of software programs and services can become a security and operational challenge in and of itself, increasing ecosystem-wide risk.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Software provenance and composition

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

SBoM adoption is picking up pace, aiming to provide better insight into and contractual leverage for software components—increased investment, standardization, and coordination can help fully develop SBoM use.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Cyber poverty line

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Many enterprises face systemic challenges to their cybersecurity posture, from resource shortages to suboptimal risk attitudes, all of which weaken an ecosystem only as secure as its weakest links.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Cyber liability

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Despite software’s ubiquity and omnipresent vulnerability, conventions around liability for software producers are still informal and rarely enforced.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Memory safety

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Some coding languages, like C and C++, allow for a common, exceptionally dangerous bug called a memory safety error, comprising up to 70 percent of industry vulnerabilities.

Cybersecurity Technology & Innovation

Load More

The Atlantic Council’s Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs, works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

learn more

All original graphics created by the Cyber Statecraft Initiative (CSI) are available for re-use under the following conditions:

• Written permission must be granted by CSI.
• Graphics may be copied and distributed in any medium or format in unadapted form only, for noncommerical purposes, and only so long as attribution is given.¹Language based on Creative Commons CC BY-NC-ND 4.0
• The attribution must reference the Cyber Statecraft Initiative and include a link to the content.
• CSI cannot grant permission for the use of images or graphics licensed from third parties.