The Scowcroft Center for Strategy and Security works to develop sustainable, nonpartisan strategies to address the most important security challenges facing the United States and the world.

What is cyber statecraft?

Cyber statecraft is the use of technology to achieve strategic ends. Cyber statecraft is in a government’s design of data governance regulations to punish foreign firms, in a technology company’s decision to unmask a national intelligence operation, and in the military’s use of cyber effects to support forces on a kinetic battlefield. As private firms expand their authority over internet infrastructure, content, and activities they too become influential geopolitical players. As states assimilate technology into new domains of conventional warfare, surveillance, and security regulation, they fuse choices in technology design to political debate. 

This is the conduct of cyber statecraft, at the nexus of technology and geopolitics.  

The insecurity of widely used technology systems, from planes, to routers, to automobiles presents a marked danger to economic and social health. Adversaries present novel threats to well-established policy processes and demand action in new domains and in new forms from policymakers. The Cyber Statecraft Initiative presents substantive analysis from those closest to the issues, leveraging the Scowcroft Center’s innate expertise and a network of fellows to shift attention from singular incidents to the slow but tectonic nature of strategic change. 

Our pillars

Cyber operations and defense policy

Cyber capabilities are an increasingly common feature on modern battlefields and shape the conduct of statecraft. The development of these capabilities must now factor into debates about doctrine, force structure, and innovation. Our work looks at the broad policy landscape around cyber capabilities including the secure acquisition and operation of software intensive defense systems, modern security assistance, the proliferation of cyber capabilities, and network exploitation on the boundaries of electronic warfare. 

Internet and systems security

An interconnected system of global networks, the internet provides a massive platform for conducting commerce and linking people across international community. Organizations of all shapes and sizes depend on the internet. We work to support and advise governments and the private sector working to secure the internet from degradation, malign influence, and direct harm. We advocate for US global leadership and empowered user communities by convening practitioners to ensure a free, secure, and open internet. 

Communities of cyberspace

Cybersecurity continues to expand and with it the need for a trained and talented workforce in nations of all sizes. The size of this workforce continues to lag demand, particularly for those who can translate between policy and technology. Through our Cyber 9/12 Strategy Challenge, we seek to tackle the global cyber skills shortage with iterated crisis simulation, policy analysis, and mentorship. Part interactive learning experience, part competitive scenario exercise, Cyber 9/12 challenges student teams from a range of academic disciplines to respond to a realistic and evolving scenario. Teams analyze threats and develop responses to manage an escalating crisis, with built in feedback loops from expert judges.

Cyber safety

The convergence of the digital and physical worlds through embedded computing and the Internet of Things impacts the technology marketplace and geopolitical dynamics through systems people interact with every day. We seek to identify and influence key policy debates on the security of operational technologies across the United States, European Union, and Asia, driving collaborative efforts to focus on healthcare devices, maritime systems, and aerospace technologies.

Analysis and in-depth research

Our articles, issue briefs, and reports consist of notes from the field and analysis from our team—insights to give you practical leverage on the complex challenges of cybersecurity. A synthesis of technical systems and policy dynamics, cybersecurity demands detailed understanding to create meaningful change. These analyses dig deep into the concepts and assumptions that shape the geopolitics of cybersecurity. 

Events and convening

Leadership

Opportunities

Looking for a paid summer internship?

We are now recruiting Young Global Professionals for Summer 2021!

Applications close Friday, March 26, 2021.

Fellows

Experts

Content

Mon, Dec 14, 2020

How do you fix a flying computer? Seeking resilience in software-intensive mission systems

Defense organizations, by nature, confront unanticipated and highly impactful disruptions. They must adapt complex mission systems to withstand these disruptions and accomplish defined objectives. To ensure mission systems like the F-35 remain available, capable, and lethal in conflicts to come demands the United States and its allies prioritize the resilience of these systems.

Report by Trey Herr, Reed Porada, Simon Handler, Orton Huang, Stewart Scott, Robert Lychev, and Jeremy Mineweaser

Cybersecurity Defense Industry

Thu, Dec 3, 2020

Why we fight: Learning from the Cyber 9/12 Strategy Challenge

Competitors finish the Cyber 9/12 Strategy Challenge better prepared to communicate their ideas, better prepared to address the complex threat-filled environment presented by modern cybersecurity, and better prepared to contribute new ideas and new thinking that may someday help to reduce the risks of unnecessary conflict carried out through the cyber domain. These are all good reasons to compete.

Blog Post by Robert Carolina

Cybersecurity Defense Policy

Wed, Nov 18, 2020

Huawei’s push in Russia exploits Kremlin fears of Western technology

With Moscow yearning for an alternative to Western technology and the United States on a campaign to throw Huawei out of Europe and East Asia, the Chinese telecom giant sensed opportunity in Russia.

New Atlanticist by Justin Sherman

China Cybersecurity

Tue, Nov 17, 2020

FAST THINKING: Trump fires top DHS cybersecurity official over election protection

Donald Trump escalated his attacks on the integrity of the US election process Tuesday night, firing a top Department of Homeland Security cybersecurity official who spent the last weeks debunking many of the president’s false claims about election fraud.

Fast Thinking by Atlantic Council

Cybersecurity Disinformation

Sun, Nov 8, 2020

Austin, Texas Cyber 9/12 Strategy Challenge Playbook

Power’s Out, Election in Doubt Scenario Summary Intelligence Report I Intelligence Report I Recommendations Intelligence Report II Intelligence Report II Recommendations Intelligence Report III Scenario Summary This scenario takes place from September to November of 2020, shining a light on a dire possibility–how can the United States respond to a cyberattack on the power grid […]

Cyber 9/12 Project

Cybersecurity Elections

Thu, Oct 29, 2020

The 5×5—Trick or threat? The ghouls and goblins behind this year’s cyber incidents

This year has witnessed its fair share of unnerving cyber incidents from a range of spooky characters. But 2020 is not over yet. What further ghouls and goblins might lurk? Cyber Statecraft Initiative experts go 5×5 to discuss spine-chilling cyber incidents this Halloween.

New Atlanticist by Simon Handler

Cybersecurity Disinformation

Mon, Oct 26, 2020

Myles-Primakoff and Sherman in Foreign Policy: Russia’s internet freedom shrinks as Kremlin seizes control of homegrown tech

In the News

Politics & Diplomacy Russia

Tue, Oct 13, 2020

Trouble underway: Seven perspectives on maritime cybersecurity

With greater than 90 percent of all global trade tonnage transported by sea and vital global energy networks, maritime infrastructure has never been more essential and yet also more at risk.

New Atlanticist by Cyber Statecraft Initiative

Cybersecurity Internet

Wed, Oct 7, 2020

The 5×5—Cybersecurity and the 117th Congress

Approximately eighty congressional committees and subcommittees claim jurisdiction over at least some dimension of cybersecurity policy. As the agenda for the coming years is only getting more crowded, Congress must improve its agility in order to pass meaningful cybersecurity legislation effectively.

New Atlanticist by Simon Handler

Cybersecurity Disinformation

Mon, Oct 5, 2020

BGP incident data

The Border Gateway Protocol communicates potential paths that Internet packets can take from their origin to their destination. It’s the Internet’s “GPS” for traffic and a key part of the Internet’s digital rules. There are multiple physical routes available to send an email from Washington, DC, to a user in Berlin, because the Internet is […]

Resources by Justin Sherman

Cybersecurity Internet

Events

Thu, Mar 4, 2021

You want us to do what, now? CISO views on public-private partnerships

Online Event Cybersecurity leaders from different sectors discuss events that policy needs to address.

1:00pm Cybersecurity Technology & Innovation