Hide

Keep up with our work!

Follow us on Twitter for to keep up with the latest cybersecurity developments

Follow the Atlantic Council on LinkedIn for the the latest geopolitical analysis

Follow us on Spotify for the latest and greatest in cyber-themed music playlists

Projects

Cloud Security & Policy

Cloud computing is more than technology and engineering minutia—it has real social and political consequences. Cloud providers influence the pace and direction of economic growth, shape international security competition, and mediate access to technologies which today inform changes in the global balance of power.

Cyber 9/12 Strategy Challenge

The Cyber 9/12 Strategy Challenge is an annual cyber policy and strategy competition where students from across the globe compete in developing policy recommendations tackling a fictional cyber catastrophe.

Breaking Trust: Software Supply Chain Insecurity

The Breaking Trust project seeks to catalog software supply chain intrusions and identify major trends and implications from their execution. This project remains ongoing to highlight the need for a more coherent policy response together with action from industry and open-source communities.

The Proliferation of Offensive Cyber Capabilities

The proliferation of offensive cyber capabilities (OCC) presents an expanding set of risks to states and challenges commitments to protect openness, security, and stability in cyberspace. As these capabilities continue to proliferate with increasing complexity and to new types of actors, the imperative to slow and counter their spread only strengthens.

The Cyber Moonshot

The Cyber Statecraft Initiative has established a new project to communicate core themes and concepts in cybersecurity through a series of short stories in a way that is fun and approachable to a broader audience than conventional policy analysis/publication.

Cyber Safety and Control Systems Security

Operational technology (OT) cybersecurity encompasses the software, hardware, policies, personnel, and services deployed to protect physical systems. These systems comprise the backbone of national critical infrastructure and represent tangible links between society and its digital tools and data.

Seeking Resilience in Cyberspace

Mission resilience is the ability of a mission system to prevent, respond to, and/or adapt to both anticipated and unanticipated disruptions, optimizing efficacy and long-term value. Resilient mission systems should have the capacity to continue mission essential operations while contested, gracefully degrading through disruption rather than collapsing all at once.

The 5×5 series

The 5×5 series by the Cyber Statecraft Initiative features five experts answering five questions on a common theme, trend, or current event in the world of cyber.

Cyber Statecraft team

Staff

Trey Herr

Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity Digital Policy

Staff

Safa Shahwan Edwards

Deputy Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity Spanish

Staff

Will Loomis

Associate Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity

Staff

Emma Schroeder

Associate Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity French

Staff

Liv Rowley

Assistant Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity Spanish

Staff

Stewart Scott

Assistant Director

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity Disinformation

Staff

Jen Roberts

Program Assistant

Cyber Statecraft Initiative Digital Forensic Research Lab

Cybersecurity French

Cyber Statecraft fellows

Keep up with our work!

Follow us on Twitter for to keep up with the latest developments

The Atlantic Council’s Digital Forensic Research Lab is building the world’s leading hub of digital forensic analysts (#DigitalSherlocks).

The DFRLab

At the Atlantic Council’s DFRLab, our mission is:

To identify, expose, and explain disinformation where and when it occurs using open source research; to promote objective truth as a foundation of government for and by people; to protect democratic institutions and norms from those who would seek to undermine them in the digital engagement space.

To create a new model of expertise adapted for impact and real-world results.

To forge digital resilience at a time when humans are more interconnected than at any point in history, by building the world’s leading hub of digital forensic analysts tracking events in governance, technology, security, and where each intersect as they occur, as well as a network of #DigitalSherlocks.

Visit DigitalSherlocks.org Check out the DFRLab on Medium Sign up for The Source newsletter
Cyber Statecraft Initiative

Report Feb 16, 2022

Financing & genocide: Development finance and the crisis in the Uyghur Region

A joint report that reveals how the World Bank’s International Finance Corporation (IFC) has significant investments in China’s Xinjiang Uyghur Autonomous Region, where indigenous peoples have been subjected to what international legislators, legal scholars, and advocates have determined to be a genocide.

Read More
Cyber Statecraft Initiative

Report Jan 4, 2022

After the insurrection: How domestic extremists adapted and evolved after the January 6 US Capitol attack

By Jared Holt

This report by the Digital Forensic Research Lab (DFRLab) provides an overview and analysis of the shifts observed in domestic extremist movements since the 2021 Capitol attack.
Elections Rule of Law
Cyber Statecraft Initiative

In-Depth Research & Reports Jul 22, 2021

Information defense: Policy measures taken against foreign information manipulation

By Jean-Baptiste Jeangène Vilmer

A joint report from the Atlantic Council’s Digital Forensic Research Lab and Europe Center on the policy measures government and private sector can take against foreign information manipulation.
Cybersecurity Digital Policy

Content

Report

Aug 10, 2022

Dragon tails: Preserving international cybersecurity research

By Stewart Scott, Sara Ann Brackett, Yumi Gambrill, Emmeline Nettles, Trey Herr

A quantitative study on whether legal context can impact the supply of vulnerability research with detrimental effects for cybersecurity writ large through the coordinated vulnerability disclosure process (CVD), using recent regulations in China as a case study.

China Cybersecurity

Feature

Aug 5, 2022

Operational technology: Cloudy, with a chance of data 

By Emma Schroeder

In the second episode of The Cyber Moonshot, we again follow Neymar, Zafira, and Ernest in a quaint little food court on the surface of the moon. Follow along in their journey to understand the operational technology-cloud convergence and track down the path of the malware that has infected their port - before it becomes a permanent winter wonderland!

Cyber 9/12 Project

Aug 3, 2022

2022 Washington, DC Cyber 9/12 Strategy Challenge Playbook

Rockshot, Standingpalm, Software, Shoot! Scenario Summary Intelligence Report I Intelligence Report I Recommendations Intelligence Report II Intelligence Report II Recommendations Intelligence Report III Intelligence Report III Briefings Intelligence Report III Recommendations Scenario Summary In November 2022, while Quatar was hosting the , staff at the noticed a water-cooling issue within the plant. The staff managed […]

Cybersecurity

Issue Brief

Aug 2, 2022

Behind the rise of ransomware

By John Sakellariadis

Between 2016 and 2019, cybercriminals shifted from automated ransomware campaigns that emphasized scale to targeted extortion operations against organizations. This adaption made ransomware more disruptive and more profitable, culminating in the 2021 surge in ransomware. Though the US government has devoted more attention to ransomware since 2021, ransomware remains a significant and long-term threat to the US economy.

Cybersecurity

Issue Brief

Jul 25, 2022

Hackers, Hoodies, and Helmets: Technology and the changing face of Russian private military contractors

By Emma Schroeder, Gavin Wilde, Justin Sherman, and Trey Herr

Table of contents Introduction PMCs in Russian international security strategy and the influence of technology Training military forces abroadResource securityCombat missionsPolitical warfare Accessing offensive cyber and information technologies in the PMC community Where do PMCs go from here? About the authors Introduction The first time Russia invaded Ukraine in the twenty-first century, the Wagner Group […]

Africa Cybersecurity

The 5×5

Jun 29, 2022

The 5×5—Cybercrime and national security

By Simon Handler, Liv Rowley

Five experts weigh in on emerging trends in cybercrime and their impacts on national security. 

Cybersecurity Intelligence

Cyber 9/12 Project

Jun 27, 2022

Atlantic Council’s Cyber 9/12 Strategy Challenge expands to Scotland

The Abertay University cyberQuarter joins as a strategic partner for Cyber 9/12 Strategy Challenge, the world’s only multidisciplinary cyber competition. WASHINGTON DC – JUNE 27, 2022 – The Atlantic Council’s Cyber Statecraft Initiative, in partnership with the Scottish Government, Dewar Cyber Consulting, and Abertay University, will host the inaugural edition of the Cyber 9/12 Strategy […]

Issue Brief

Jun 14, 2022

Victory reimagined: Toward a more cohesive US cyber strategy

By Emma Schroeder, Stewart Scott, Trey Herr

US policy is on two potentially divergent paths: one that prioritizes the protection of American infrastructure through the pursuit of US cyber superiority, and one that seeks an open, secure cyber ecosystem.

Cybersecurity Security & Defense

The 5×5

May 12, 2022

The 5×5—Reflections on trusting trust: Securing software supply chains

By Simon Handler

Five experts discuss the implications of insecure software supply chains and realistic paths to securing them. 

Cybersecurity Defense Technologies

Article

May 9, 2022

Cyber strategy: Assumptions and hypotheticals 

By Yumi Gambrill and Emma Schroeder

When academics, policymakers, and practitioners discuss security and conflict within the cyber domain, they are often hampered by a series of ongoing debates and unarticulated assumptions. We have brought together members of these communities to discuss the reasons that these debates are important to the shaping of cybersecurity and strategic plans.

Cybersecurity
Load More