Keep up with our work!

Follow us on Twitter for to keep up with the latest cybersecurity developments

Follow us on Spotify for the latest and greatest in cyber-themed music playlists

Follow the Atlantic Council on LinkedIn for the the latest geopolitical analysis


Cyber Statecraft projects

Cyber Statecraft team

Cyber Statecraft fellows

The Atlantic Council’s Cyber Statecraft Initiative, under the Digital Forensic Research Lab (DFRLab), works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.


The 5x5

Sep 20, 2023

The 5×5—Bridging the divide: Cyber conflict in international relations

By Simon Handler

Researchers discuss the relationship between the cyber policy and academic communities, and share their advice for those interested in breaking into each community.

Cybersecurity National Security

In the News

Sep 6, 2023

Wired picked up a Global China Hub and Cyber Statecraft Initiative report on how China demands tech firms to reveal hackable flaws in their products. The initial report was written by Global China Hub Nonresident fellow Dakota Cary and Kristin Del Rosso

Andy Greenberg at Wired wrote about the recent Atlantic Council report which “investigates the fallout of a Chinese law passed in 2021, designed to reform how companies and security researchers operating in China handle the discovery of security vulnerabilities in tech products.” The original article report was written by Global China Hub nonresident fellow Dakota […]

China Economic Sanctions


Sep 6, 2023

Sleight of hand: How China weaponizes software vulnerabilities

By Dakota Cary and Kristin Del Rosso

China's new vulnerability management system mandates reporting to MIIT within 48 hours, restricting pre-patch publication and POC code. This centralized approach contrasts with the US voluntary system, potentially aiding Chinese intelligence. MIIT shares data with the MSS, affecting voluntary databases as well. MSS also fund firms to provide vulnerabilities for their offensive potential.

China Cybersecurity

The 5x5

Aug 21, 2023

The 5×5—Cloud risks and critical infrastructure

By Simon Handler

Experts share their perspectives on the challenges facing cloud infrastructure and how policy can encourage better security and risk governance across this critical sector.

Cybersecurity Infrastructure Protection

The 5x5

Aug 3, 2023

The 5×5—Cyber conflict in international relations: A policymaker’s perspective

By Simon Handler

Current and former policymakers address cyber conflict’s fundamental place in international relations, their recommended readings, and ideas for how policymakers and scholars can more effectively engage one another.

Cybersecurity National Security

The 5x5

Jun 20, 2023

The 5×5—Cyber conflict in international relations: A scholar’s perspective

By Simon Handler

Leading scholars provide insights on cyber conflict’s role in international relations, how the topic can best be taught to students, and how scholars and policymakers can better incorporate each other’s perspectives.

Cybersecurity National Security

The 5x5

May 30, 2023

The 5×5—Cross-community perspectives on cyber threat intelligence and policy

By Simon Handler

Individuals with experience from the worlds of cyber threat intelligence and cyber policy share their insights and career advice.

Cybersecurity Intelligence

The 5x5

May 3, 2023

The 5×5—Cryptocurrency hacking’s geopolitical and cyber implications

By Simon Handler

Experts explore the cybersecurity implications of cryptocurrencies, and how the United States and its allies should approach this challenge.

Cybersecurity Digital Currencies

Issue Brief

Apr 19, 2023

Critical infrastructure cybersecurity prioritization: A cross-sector methodology for ranking operational technology cyber scenarios and critical entities

By Danielle Jablanski

As critical infrastructure becomes increasingly targeted by malicious adversaries, how can we effectively prioritize criticality?


Tech at the Leading Edge

Mar 22, 2023

Modernizing critical infrastructure protection policy: Seven perspectives on rewriting PPD21

By Will Loomis

In February of 2013, then President Obama signed a landmark executive order - Presidential Policy Directive 21 (PPD 21) - that defined how U.S. Departments and Agencies would provide a unity of government effort to strengthen and maintain US critical infrastructure. Almost a decade later, evolutions in both the threat landscape and the interagency community invite the US government to revise this critical policy.

Cybersecurity Infrastructure Protection