Keep up with our work!

Follow us on Twitter for to keep up with the latest cybersecurity developments

Follow the Atlantic Council on LinkedIn for the the latest geopolitical analysis

Follow us on Spotify for the latest and greatest in cyber-themed music playlists

Projects

Cyber Statecraft team

Cyber Statecraft fellows

The Scowcroft Center for Strategy and Security works to develop sustainable, nonpartisan strategies to address the most important security challenges facing the United States and the world.

Content

The 5×5

Jun 29, 2022

The 5×5—Cybercrime and national security

By Simon Handler, Liv Rowley

Five experts weigh in on emerging trends in cybercrime and their impacts on national security. 

Cybersecurity Intelligence

Cyber 9/12 Project

Jun 27, 2022

Atlantic Council’s Cyber 9/12 Strategy Challenge expands to Scotland

The Abertay University cyberQuarter joins as a strategic partner for Cyber 9/12 Strategy Challenge, the world’s only multidisciplinary cyber competition. WASHINGTON DC – JUNE 27, 2022 – The Atlantic Council’s Cyber Statecraft Initiative, in partnership with the Scottish Government, Dewar Cyber Consulting, and Abertay University, will host the inaugural edition of the Cyber 9/12 Strategy […]

Issue Brief

Jun 14, 2022

Victory reimagined: Toward a more cohesive US cyber strategy

By Emma Schroeder, Stewart Scott, Trey Herr

US policy is on two potentially divergent paths: one that prioritizes the protection of American infrastructure through the pursuit of US cyber superiority, and one that seeks an open, secure cyber ecosystem.

Cybersecurity Security & Defense

The 5×5

May 12, 2022

The 5×5—Reflections on trusting trust: Securing software supply chains

By Simon Handler

Five experts discuss the implications of insecure software supply chains and realistic paths to securing them. 

Cybersecurity Defense Technologies

Article

May 9, 2022

Cyber strategy: Assumptions and hypotheticals 

By Yumi Gambrill and Emma Schroeder

When academics, policymakers, and practitioners discuss security and conflict within the cyber domain, they are often hampered by a series of ongoing debates and unarticulated assumptions. We have brought together members of these communities to discuss the reasons that these debates are important to the shaping of cybersecurity and strategic plans.

Cybersecurity

Buying Down Risk

May 3, 2022

Buying down risk: Container security

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Industry's move towards container architectures provides great promise for dynamic systems and service provision, but it also brings up new concerns and opportunities for the cybersecurity ecosystem.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Open source software

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Open-source software underpins most modern code, and the unique incentives and constraints its developers face pose a tricky set of challenges for the cybersecurity ecosystem.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Complexity management

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

The ever-increasing complexity of software programs and services can become a security and operational challenge in and of itself, increasing ecosystem-wide risk.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Software provenance and composition

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

SBoM adoption is picking up pace, aiming to provide better insight into and contractual leverage for software components—increased investment, standardization, and coordination can help fully develop SBoM use.

Cybersecurity Technology & Innovation

Buying Down Risk

May 3, 2022

Buying down risk: Cyber poverty line

By Trey Herr, Robert Morgus, Stewart Scott, and Tianjiu Zuo

Many enterprises face systemic challenges to their cybersecurity posture, from resource shortages to suboptimal risk attitudes, all of which weaken an ecosystem only as secure as its weakest links.

Cybersecurity Technology & Innovation