The Scowcroft Center for Strategy and Security works to develop sustainable, nonpartisan strategies to address the most important security challenges facing the United States and the world.

What is cyber statecraft?

Cyber statecraft is the use of technology to achieve strategic ends. Cyber statecraft is in a government’s design of data governance regulations to punish foreign firms, in a technology company’s decision to unmask a national intelligence operation, and in the military’s use of cyber effects to support forces on a kinetic battlefield. As private firms expand their authority over internet infrastructure, content, and activities they too become influential geopolitical players. As states assimilate technology into new domains of conventional warfare, surveillance, and security regulation, they fuse choices in technology design to political debate. 

This is the conduct of cyber statecraft, at the nexus of technology and geopolitics.  

The insecurity of widely used technology systems, from planes, to routers, to automobiles presents a marked danger to economic and social health. Adversaries present novel threats to well-established policy processes and demand action in new domains and in new forms from policymakers. The Cyber Statecraft Initiative presents substantive analysis from those closest to the issues, leveraging the Scowcroft Center’s innate expertise and a network of fellows to shift attention from singular incidents to the slow but tectonic nature of strategic change. 

Our pillars

Cyber operations and defense policy

Cyber capabilities are an increasingly common feature on modern battlefields and shape the conduct of statecraft. The development of these capabilities must now factor into debates about doctrine, force structure, and innovation. Our work looks at the broad policy landscape around cyber capabilities including the secure acquisition and operation of software intensive defense systems, modern security assistance, the proliferation of cyber capabilities, and network exploitation on the boundaries of electronic warfare. 

Internet and systems security

An interconnected system of global networks, the internet provides a massive platform for conducting commerce and linking people across international community. Organizations of all shapes and sizes depend on the internet. We work to support and advise governments and the private sector working to secure the internet from degradation, malign influence, and direct harm. We advocate for US global leadership and empowered user communities by convening practitioners to ensure a free, secure, and open internet. 

Communities of cyberspace

Cybersecurity continues to expand and with it the need for a trained and talented workforce in nations of all sizes. The size of this workforce continues to lag demand, particularly for those who can translate between policy and technology. Through our Cyber 9/12 Strategy Challenge, we seek to tackle the global cyber skills shortage with iterated crisis simulation, policy analysis, and mentorship. Part interactive learning experience, part competitive scenario exercise, Cyber 9/12 challenges student teams from a range of academic disciplines to respond to a realistic and evolving scenario. Teams analyze threats and develop responses to manage an escalating crisis, with built in feedback loops from expert judges.

Cyber safety

The convergence of the digital and physical worlds through embedded computing and the Internet of Things impacts the technology marketplace and geopolitical dynamics through systems people interact with every day. We seek to identify and influence key policy debates on the security of operational technologies across the United States, European Union, and Asia, driving collaborative efforts to focus on healthcare devices, maritime systems, and aerospace technologies.

Analysis and in-depth research

Our articles, issue briefs, and reports consist of notes from the field and analysis from our team—insights to give you practical leverage on the complex challenges of cybersecurity. A synthesis of technical systems and policy dynamics, cybersecurity demands detailed understanding to create meaningful change. These analyses dig deep into the concepts and assumptions that shape the geopolitics of cybersecurity. 

Events and convening

Leadership

Opportunities

Looking for a paid summer internship?

We are now recruiting Young Global Professionals for Summer 2021!

Applications close Friday, March 26, 2021.

Fellows

Experts

Content

Thu, Feb 11, 2021

The 5×5—Looking ahead for the Biden administration after a busy year in cybersecurity

It’s been a wild twelve months in the world of cybersecurity since the Atlantic Council’s Cyber Statecraft Initiative launched the 5×5 series. In celebration of the series' one-year anniversary, experts plotted the year ahead.

New Atlanticist by Simon Handler

Cybersecurity Technology & Innovation

Wed, Feb 10, 2021

Atlantic Council’s UK Cyber 9/12 Strategy Challenge returns for its fourth year

BT returns as strategic partner for virtual cybersecurity strategy challenge for UK students

Press Release

Cybersecurity United Kingdom

Mon, Feb 8, 2021

Sherman and Herr in The National Interest: Finding a foreign policy for the internet

At present, the United States foreign policy for the internet is absent, and much of the country’s policy efforts could be summed up as “not what China is doing,” a rejectionist attitude beset on all sides by purposeful adversaries and weakened alliances. The United States government does not yet have a constructive strategy for the […]

Op-Ed

Thu, Feb 4, 2021

Protecting the new frontier: Seven perspectives on aerospace cybersecurity

The aviation community is experiencing unprecedented difficulties, while space is emerging as a new fronter with challenges of its own. But there are opportunities for experts across the aerospace sector to tackle its cybersecurity challenges.

Article by Simon Handler

Cybersecurity Space

Mon, Feb 1, 2021

Pathologies of obfuscation: Nobody understands cyber operations or wargaming

National security and defense professionals have long utilized wargames to better understand hypothetical conflict scenarios. With conflict in the cyber domain becoming a more prominent piece in wargames in the national security community, this issue brief seeks to identify the common pathologies, or potential pitfalls, of cyber wargaming.

In-Depth Research & Reports by Nina Kollars and Benjamin Schechter

Cybersecurity National Security

Fri, Jan 22, 2021

Loomis and Scott in Lawfare: A role for the vulnerabilities equities process in securing software supply chains

On Jan. 14, something unusual happened—the National Security Agency (NSA) publicly announced that it had discovered a critical vulnerability (CVE 2020-0601) deep within Windows 10 and reported it to Microsoft for patching. The disclosure was lauded because of the bug’s severity; buried in a cryptographic library, it would have allowed opportunistic attackers to decipher encrypted […]

In the News

Cybersecurity

Mon, Jan 11, 2021

2021 DC Cyber 9/12 Strategy Challenge

The Atlantic Counci’s Cyber Statecraft Initiative will hold its second entirely virtual Cyber 9/12 Strategy Challenge on March 4-5, 2021. In lieu of our annual in-person challenge, we will host the entire event over the Zoom platform. The agenda and format will look very similar to past Cyber 9/12 Challenges, except that it will be held remotely. Plenary […]

Cyber 9/12 Project

Cybersecurity

Tue, Dec 22, 2020

The 5×5—A cyber wish list at a ‘moment of reckoning’

The recent SUNBURST compromise of numerous government and private sector company networks has led some, including Microsoft President Brad Smith, to dub the incident a “moment of reckoning.” Here's what our experts are wishing for this holiday season.

New Atlanticist by Simon Handler

Cybersecurity Disinformation

Mon, Dec 21, 2020

To defend US elections, we must recognize that the fault is in ourselves

It is time to put money toward state information infrastructure, to align public expectations with the pace of the democratic process, and to hold elected leaders accountable for lighting fires in information dumpsters.

New Atlanticist by Nina Kollars and Michael Rodriguez

Cybersecurity Disinformation

Tue, Dec 15, 2020

Which hacker group is most like your astrological sign?

Which cyber Advanced Persistent Threat (APT) is most like your astrological sign? After all, behind every cyber operation is a human, led by his or her values and decisions, which can be shaped by one’s astrological sign. These APT-sign pairings provide a guide to some of the most dangerous cyber threat actors and perhaps even a forecast of their prospects for success.

New Atlanticist by Safa Shahwan Edwards and June Lee

Cybersecurity Internet

Events

Thu, Mar 4, 2021

You want us to do what, now? CISO views on public-private partnerships

Online Event Cybersecurity leaders from different sectors discuss events that policy needs to address.

1:00pm Cybersecurity Technology & Innovation