What is cyber statecraft?

Cyber statecraft is the use of technology to achieve strategic ends. Cyber statecraft is in a government’s design of data governance regulations to punish foreign firms, in a technology company’s decision to unmask a national intelligence operation, and in the military’s use of cyber effects to support forces on a kinetic battlefield. As private firms expand their authority over internet infrastructure, content, and activities they too become influential geopolitical players. As states assimilate technology into new domains of conventional warfare, surveillance, and security regulation, they fuse choices in technology design to political debate. 

This is the conduct of cyber statecraft, at the nexus of technology and geopolitics.  

The insecurity of widely used technology systems, from planes, to routers, to automobiles presents a marked danger to economic and social health. Adversaries present novel threats to well-established policy processes and demand action in new domains and in new forms from policymakers. The Cyber Statecraft Initiative presents substantive analysis from those closest to the issues, leveraging the Scowcroft Center’s innate expertise and a network of fellows to shift attention from singular incidents to the slow but tectonic nature of strategic change. 

Our pillars

Cyber operations and defense policy

Cyber capabilities are an increasingly common feature on modern battlefields and shape the conduct of statecraft. The development of these capabilities must now factor into debates about doctrine, force structure, and innovation. Our work looks at the broad policy landscape around cyber capabilities including the secure acquisition and operation of software intensive defense systems, modern security assistance, the proliferation of cyber capabilities, and network exploitation on the boundaries of electronic warfare. 

Internet and systems security

An interconnected system of global networks, the internet provides a massive platform for conducting commerce and linking people across international community. Organizations of all shapes and sizes depend on the internet. We work to support and advise governments and the private sector working to secure the internet from degradation, malign influence, and direct harm. We advocate for US global leadership and empowered user communities by convening practitioners to ensure a free, secure, and open internet. 

Communities of cyberspace

Cybersecurity continues to expand and with it the need for a trained and talented workforce in nations of all sizes. The size of this workforce continues to lag demand, particularly for those who can translate between policy and technology. Through our Cyber 9/12 Strategy Challenge, we seek to tackle the global cyber skills shortage with iterated crisis simulation, policy analysis, and mentorship. Part interactive learning experience, part competitive scenario exercise, Cyber 9/12 challenges student teams from a range of academic disciplines to respond to a realistic and evolving scenario. Teams analyze threats and develop responses to manage an escalating crisis, with built in feedback loops from expert judges.

Cyber safety

The convergence of the digital and physical worlds through embedded computing and the Internet of Things impacts the technology marketplace and geopolitical dynamics through systems people interact with every day. We seek to identify and influence key policy debates on the security of operational technologies across the United States, European Union, and Asia, driving collaborative efforts to focus on healthcare devices, maritime systems, and aerospace technologies.

Analysis and in-depth research

Our articles, issue briefs, and reports consist of notes from the field and analysis from our team—insights to give you practical leverage on the complex challenges of cybersecurity. A synthesis of technical systems and policy dynamics, cybersecurity demands detailed understanding to create meaningful change. These analyses dig deep into the concepts and assumptions that shape the geopolitics of cybersecurity. 

Featured content series

Events and convening

Leadership

Fellows

Experts

Content

Mon, Sep 28, 2020

Dude, where’s my cloud? A guide for wonks and users

Cloud computing is transforming society, from interactions between people to the ways by which companies do business, and even how militaries operate. If you have ever been curious about what exactly “the cloud” meant; if you are a policy wonk not a technologist, a user not an admin, then this report is for you.

Report by Simon Handler, Lily Liu, and Trey Herr

Cybersecurity Internet

Thu, Sep 24, 2020

Five big questions as America votes: Cybersecurity

With the next US presidential election looming, the next administration will face no shortage of substantive cyber policy issues. US adversaries such as China and Russia continue to undermine and fracture the free and open internet, while the technology ecosystem has been altered by the rapid adoption of cloud computing, placing immense power and responsibility in the hands of few technology giants, such as Amazon and Microsoft.

Elections 2020 by Cyber Statecraft Initiative

Cybersecurity Elections

Mon, Sep 21, 2020

Herr, Shahwan Edwards, Handler, and Loomis featured on an episode of the “Lessons from the School of Cyber Hard Knocks” podcast

Joe Saunders hosts Trey Herr, Safa Shahwan Edwards, William Loomis, and Simon Handler to discuss the four pillars of the Cyber Statecraft Initiative, their recent research on the software supply chain, and programming plans going forward.

In the News by Atlantic Council

Cybersecurity Technology & Innovation

Fri, Sep 11, 2020

India’s growing hostility towards Chinese technology shifts landscape of US-China data and cloud competition

US and Chinese tech companies, including in the cloud computing space, are competing for users within India. As the Indian government’s relations with Beijing change, so too does the landscape of this technological battleground.

New Atlanticist by Justin Sherman and Lily Liu

China Cybersecurity

Mon, Aug 31, 2020

Four myths about the cloud: The geopolitics of cloud computing

Cloud computing providers are more than companies—they govern vast utility infrastructure, play host to digital battlefields, and are magnificent engines of complexity. Cloud computing is embedded in contemporary geopolitics; the choices providers make are influenced by, and influential on, the behavior of states. In competition and cooperation, cloud computing is the canvas on which states conduct significant political, security, and economic activity.

Report by Trey Herr

Cybersecurity Internet

Fri, Aug 21, 2020

Sherman in The Diplomat: Kashmir internet shutdown continues, despite Supreme Court ruling

India has the potential to be a global leader in promoting democratic technology norms, but instead it leads the way with internet shutdowns.

In the News

India Technology & Innovation

Thu, Aug 20, 2020

Washington, DC Cyber 9/12 Strategy Challenge Playbook

A Disaster to Entertain Poseidon and Ruin Christmas Scenario Summary Intelligence Report I Intelligence Report I Recommendations Intelligence Report II Intelligence Report II Recommendations Intelligence Report III Intelligence Report III Briefings Intelligence Report III Recommendations Scenario Summary This scenario takes place from October – December of 2022 and focuses on maritime cybersecurity and how non-state […]

Cyber 9/12 Project

Cybersecurity

Fri, Aug 14, 2020

Handler in Lawfare: Normalizing Arab-Israeli Relations Through Cybersecurity Cooperation

This diplomatic rekindling between Israel and the Arab world offers an opportunity for the United States to establish a regional cybersecurity cooperation center dedicated to the protection of critical infrastructure.

In the News by Atlantic Council

Cybersecurity Iran

Thu, Aug 13, 2020

Russia uses US data policy shortfalls to justify campaign against internet freedom

A transcript of the meeting between Putin and his internet regulator shows, unsurprisingly, that the Kremlin continues using its rubber-stamped laws to justify internet censorship and control. But it also demonstrated the Kremlin’s growing desire to undermine the Western-led open democratic internet model.

New Atlanticist by Justin Sherman

Cybersecurity Internet

Fri, Aug 7, 2020

Trump’s TikTok ban is bad policy

There are real security questions to ask about Chinese government influence over technology companies; but the idea of broadly banning TikTok is a bad one that steps in the wrong direction on protecting a free and open internet.

New Atlanticist by Justin Sherman

China Cybersecurity

Events

Thu, Oct 1, 2020

Securing the energy transition: Innovative cyber solutions for grid resiliency

ONLINE EVENT - A deeper look into how a secure energy transition can be implemented using innovative cyber security solutions to provide the monitoring and the visibility necessary to protect the grid at-large.

9:30am ONLINE EVENT