The Scowcroft Center for Strategy and Security works to develop sustainable, nonpartisan strategies to address the most important security challenges facing the United States and the world.

What is cyber statecraft?

Cyber statecraft is the use of technology to achieve strategic ends. Cyber statecraft is in a government’s design of data governance regulations to punish foreign firms, in a technology company’s decision to unmask a national intelligence operation, and in the military’s use of cyber effects to support forces on a kinetic battlefield. As private firms expand their authority over internet infrastructure, content, and activities they too become influential geopolitical players. As states assimilate technology into new domains of conventional warfare, surveillance, and security regulation, they fuse choices in technology design to political debate. 

This is the conduct of cyber statecraft, at the nexus of technology and geopolitics.  

The insecurity of widely used technology systems, from planes, to routers, to automobiles presents a marked danger to economic and social health. Adversaries present novel threats to well-established policy processes and demand action in new domains and in new forms from policymakers. The Cyber Statecraft Initiative presents substantive analysis from those closest to the issues, leveraging the Scowcroft Center’s innate expertise and a network of fellows to shift attention from singular incidents to the slow but tectonic nature of strategic change. 

Our pillars

Cyber operations and defense policy

Cyber capabilities are an increasingly common feature on modern battlefields and shape the conduct of statecraft. The development of these capabilities must now factor into debates about doctrine, force structure, and innovation. Our work looks at the broad policy landscape around cyber capabilities including the secure acquisition and operation of software intensive defense systems, modern security assistance, the proliferation of cyber capabilities, and network exploitation on the boundaries of electronic warfare. 

Internet and systems security

An interconnected system of global networks, the internet provides a massive platform for conducting commerce and linking people across international community. Organizations of all shapes and sizes depend on the internet. We work to support and advise governments and the private sector working to secure the internet from degradation, malign influence, and direct harm. We advocate for US global leadership and empowered user communities by convening practitioners to ensure a free, secure, and open internet. 

Communities of cyberspace

Cybersecurity continues to expand and with it the need for a trained and talented workforce in nations of all sizes. The size of this workforce continues to lag demand, particularly for those who can translate between policy and technology. Through our Cyber 9/12 Strategy Challenge, we seek to tackle the global cyber skills shortage with iterated crisis simulation, policy analysis, and mentorship. Part interactive learning experience, part competitive scenario exercise, Cyber 9/12 challenges student teams from a range of academic disciplines to respond to a realistic and evolving scenario. Teams analyze threats and develop responses to manage an escalating crisis, with built in feedback loops from expert judges.

Cyber safety

The convergence of the digital and physical worlds through embedded computing and the Internet of Things impacts the technology marketplace and geopolitical dynamics through systems people interact with every day. We seek to identify and influence key policy debates on the security of operational technologies across the United States, European Union, and Asia, driving collaborative efforts to focus on healthcare devices, maritime systems, and aerospace technologies.

Analysis and in-depth research

Our articles, issue briefs, and reports consist of notes from the field and analysis from our team—insights to give you practical leverage on the complex challenges of cybersecurity. A synthesis of technical systems and policy dynamics, cybersecurity demands detailed understanding to create meaningful change. These analyses dig deep into the concepts and assumptions that shape the geopolitics of cybersecurity. 

Events and convening

Leadership

Opportunities

Looking for a paid summer internship?

We are now recruiting Young Global Professionals for Summer 2021!

Applications close Friday, March 26, 2021.

Fellows

Experts

Content

Thu, Jul 22, 2021

The 5×5—If it blinks, it sinks: Adventures in securing operational technology

With rising sophistication, automation, and interconnectivity in operational technologies, security has become an overwhelming need.

The 5×5 by Will Loomis, Simon Handler

Cybersecurity Geopolitics & Energy Security

Mon, Jul 19, 2021

FAST THINKING: A turning point on Chinese hacking

What does NATO’s buy-in mean for the world’s response to Chinese hacking? What tools do these allies have to fight back? Our experts messaged us (securely) with the answers.

Fast Thinking by Atlantic Council

Australia China

Thu, Jul 15, 2021

Handler joins Asharq News to discuss ransomware and US cyber strategy

Simon Handler joins Asharq News to discusss ransomware and US cyber strategy.

In the News by Atlantic Council

Arabic Cybersecurity

Thu, Jul 15, 2021

A US-UK hacking probe offers a fresh approach against Russia

The international collaboration underscores the importance of being carefully narrow about scoping cyberspace “red lines” in talks with the Russian government.

New Atlanticist by Justin Sherman

Cybersecurity Intelligence

Mon, Jul 12, 2021

Reassessing RuNet: Russian internet isolation and implications for Russian cyber behavior

This issue brief examines recent “RuNet” developments and explores how they could elevate national security risks for the United States and Europe by changing the internet landscape in Russia and potentially shifting Russian cyber behavior.

Issue Brief by Justin Sherman

Cybersecurity Europe & Eurasia

Mon, Jun 28, 2021

Collective cybersecurity for the Three Seas

In Central and Eastern Europe’s Three Seas region, twelve countries have joined together to invest in critical infrastructure projects and increase interconnectivity on energy, infrastructure, and digitization efforts along the way. To strengthen the resilience of these technical investments and better bind together the defensive cybersecurity operations of these societies, Three Seas member states should establish a regional hub for cybersecurity together with key private sector partners.

Report by Safa Shahwan Edwards, Simon Handler, Trey Herr, Adam Marczyński, and Jakub Teska

Central Europe Cybersecurity

Tue, Jun 15, 2021

The 5×5—The state of cybersecurity in the Middle East

How will recent developments in the Middle East affect cybersecurity cooperation, and what does the future of the region’s cyber landscape look like?

The 5×5 by Simon Handler

Cybersecurity Iran

Mon, May 24, 2021

Herr, Handler, and Schroeder on the Cipher Brief’s State Secrets podcast

Trey Herr, Simon Handler, and Emma Schroeder join the Cipher Brief's State Secrets podcast to discuss their recent report on the Sunburst cyber-espionage campaign.

In the News by Atlantic Council

Cybersecurity Intelligence

Thu, May 20, 2021

MARKUP: Our experts annotate Biden’s new executive order on cybersecurity

To help unpack President Joe Biden's new executive order on cybersecurity, Atlantic Council experts and friends mark up the order with their thoughts on what it means for the government and private sector.

New Atlanticist by Cyber Statecraft Initiative

Cybersecurity Digital Policy

Tue, May 18, 2021

Handler, Schroeder, and Herr in War on the Rocks: Cyber security as counter-terrorism: Seeking a better debate

To improve US cybersecurity, policymakers should draw on relevant strategic lessons from the study of terrorism and counterterrorism.

In the News by Atlantic Council

Cybersecurity Terrorism