Featured commentary & analysis

Notes from the field and analysis from our team—insights to give you practical leverage on the complex challenges of cybersecurity.

Featured in-depth research & reports

A synthesis of technical systems and policy dynamics, cybersecurity demands detailed understanding to create meaningful change. These reports dig deep into the concepts and assumptions that shape the geopolitics of cybersecurity. 

Featured event series

Leadership

Employment opportunities

Join our cause with the Cyber Statecraft Initiative of the Scowcroft Center for Strategy and Security.

Digital Statecraft, Digital Streetcraft Podcasts

Nowadays, information technology is an essential part of any nation-state’s toolkit. And yet, in the digital space, nation-states are just a few of many actors. A mastery of cyber operations can give nation-states the advantage they need to pursue their economic, national security or foreign policy goals. But without private sector and civil society cooperation, that mastery can be difficult to achieve. Hosted by the Atlantic Council’s Cyber Statecraft Initiative, Digital Statecraft Digital Streetcraft features diverse perspectives from thinkers in academia, industry and government. By bridging the worlds of statecraft and streetcraft, it examines questions at the nexus of information and communications technologies, geopolitics and national security, searching for cooperation to make cyberspace safer, more stable and more secure for all.

Episode 6: Securing the Software Supply Chain

November 4, 2019

The sheer magnitude and volume of code in software is always expanding. With many open source contributors and the opaque cloud operation of most software, there are just as many vulnerabilities as technological capabilities. In this episode, hear Michael Daly, the CTO of Raytheon, talk about this increasingly important topic: supply chain software security.

Episode 5: Digital Defenders

August 28, 2019

In this episode of Digital Statecraft, Digital Streetcraft, we are joined by Dr. Trey Herr, Director of the Atlantic Council’s Cyber Statecraft Initiative; Mariah Kenny, a recent Graduate from the University of Virginia and NCCDC UVA team captain; and Caroline Linkous, freshman and Echols Scholar at the University of Virginia. Together they discuss the importance of training and educating the next generation of cyber defenders in order to remain at the forefront of the cybersecurity field.

Episode 4: Supply Chain Security in the 21st Century

April 15, 2019

Supply chain attacks have caused some of the most damaging cyber incidents in history, including the 2017 NotPetya malware incident, and they are on the rise. The proliferation of internet-connected devices and the increased reliance of foreign manufacturing increases the attack surface for organizations and makes maintaining visibility into an entire supply chain challenging. The Atlantic Council and Raytheon facilitate a dynamic and solution-oriented discussion on mitigating supply chain risks in an increasingly-connected world.

Episode 3: Operationalizing Cyber Strategies

March 15, 2019

Early 2019 saw the biggest inflection point in US cyber strategy since 1998, with the White House, Department of Defense, and Cyber Command all publicizing new strategies. These new strategies adhering to persistent engagement will have second and third-order effects in the interconnected cyber world. The Atlantic Council and Raytheon facilitate a discussion covering whether these new strategies are the right strategies and how the US can make them work.

Episode 2: The Human Element of Cybersecurity

January 31, 2019

Humans are on the front lines of cybersecurity. As companies grow weary of disappointing “silver bullet” technical cybersecurity solutions, they need to turn to their workforce and the cyber community. Employees are more than just a weakness in the cyber perimeter; they can also be a valuable resource once equipped and educated. Employers should also be open to potential security professionals with unconventional backgrounds who can provide invaluable non-technical perspectives.

Episode 1: Protecting US Critical Infrastructure

December 21, 2018

The security of US critical infrastructure is vital to the nation’s security, prosperity, and well-being. We live in an era of constant advances in the sophistication of attack technology and the emergence of more destructive attacks and bolder nation-state actions, resulting in unprecedented access to power grid operations. Despite renewed concerns about the threat and the risks associated with potential disruptions, threats clearly outpace our ability to secure the infrastructure.

Follow Cyber Statecraft on Twitter

Experts

Content

Tue, Feb 25, 2020

The evolution of the internet and geopolitics

The internet has been a pivotal force behind the growth of the global digital economy and altered the relationship among states, their citizens, and the private sector. These changes have disrupted the geopolitical balance of power and ushered in a new generation of globally-powerful multinational companies. However, new dynamics of conflict are threatening the internet as we know it.

New Atlanticist by Simon Handler

Cybersecurity Internet

Fri, Feb 21, 2020

Sherman in WIRED: Governments Are Clamping Down On Foreign Tech Investments

In the News by Atlantic Council

Politics & Diplomacy Technology & Innovation

Fri, Feb 7, 2020

Handler in Lawfare: Election Security After Iowa

The Iowa caucus debacle showcased how unhinged conspiracies can inflict damage on democratic institutions that’s just as severe as more direct electoral manipulation—along with the risk posed by overblown electoral outrage. To the extent that Iowa was a dry run for more pernicious election security issues that might arise in the general election, just about everyone failed the test.

In the News by Simon Handler

Cybersecurity Elections

Tue, Jan 28, 2020

The 2010s: A cyber decade in review

The past ten years have, among other things, witnessed the most-costly cyberattack on record, the discovery of a computer worm capable of wreaking physical destruction, and USCYBERCOM’s elevation to unified combatant command status. As we turn the page to 2020, we’re looking back to recap the most significant, overblown, and emergent cyber incidents of the decade.

New Atlanticist by Simon Handler

Cybersecurity

Mon, Jan 27, 2020

Warring for the soul of the internet: Ten years on

The new reality is one where democracies must play a more assertive role to protect an open, free, fair, and secure internet, utilizing a strategy that recognizes the changes the internet has undergone, the pernicious influence of authoritarian states, and the role companies have in both protecting and fragmenting it. The internet can’t be brought back in time but there is hope, perhaps, that its original core values can be preserved in a new form through determined effort by its users, some companies, and the democratic states where the open web was born.

New Atlanticist by Trey Herr and Justin Sherman

Cybersecurity Internet

Mon, Jan 13, 2020

Cyber 9/12: Education and innovation on a global scale

One of the most important barriers to robust global cybersecurity is the shortage of capable individuals in the workforce pipeline. By 2021, predictions suggest that the world will have more than 3.5 million unfilled cybersecurity jobs, with both the private and public sectors facing hiring shortages. While the United States has budding international relations, cybersecurity, and IT-focused academic programs, very little has been done to address the interaction between them, which will be crucial for the success of future cybersecurity professionals.

New Atlanticist by Will Loomis

Cybersecurity

Wed, Jan 8, 2020

Atlantic Council press call: What will follow the US strike on Major General Soleimani?

This development will influence US engagement with Iran and partners in the region and its knock-on effects may very well manifest in the cyber domain. What type of de-escalatory engagement should we expect between the US and Iran following the assassination of Soleimani? What types of responses, both kinetic and cyber, can we expect from Iran, a country in need of appearing powerful to its allies and adversaries?

Press and Members Call by Atlantic Council

Cybersecurity Iran

Tue, Jan 7, 2020

US-Iran in crisis: Strategic ambiguity and loud weapons in cyberspace

Iran’s government will feel the need to retaliate against the United States, but it does not wish to ignite a prolonged war with the United States. The regime’s near-term aim is to demonstrate to its domestic and regional constituencies that it has the capability and the resolve to avenge Soleimani’s killing and, more strategically, to drum up support for hardliners ahead of legislative elections next month. While Iran has a number of options available, its cyber toolkit not one to be overlooked.

New Atlanticist by Simon Handler, Katherine Wolff, Will Loomis

Cybersecurity Iran

Fri, Jan 3, 2020

Herr quoted in Cheddar on Iranian threat to U.S. grid

In the News by Atlantic Council

Cybersecurity Disinformation

Mon, Dec 16, 2019

Cyber 9-12: A training ground for future leaders

Given the rapidly changing threat environment, cybersecurity is both a grand puzzle and a Sisyphean task. This year’s New York Challenge, hosted at Columbia SIPA with a scenario co-developed by the Atlantic Council, SIPA, and New York City Cyber Command, was a fascinating blend of these challenges.

Blog Post by Ben Ballard, Melanie Barlow, Jackie Faselt, and Andrew Seligson

Cybersecurity

Events

Mon, May 18, 2020

A transatlantic agenda for cloud & security

The Atlantic Council’s Cyber Statecraft Initiative and PKO Bank Polski host a joint, one-day conference at the Sofitel Victoria in Warsaw, Poland.

9:00am Warszawa Poland