Highlighted content

All in-depth research & reports

Mon, Jun 15, 2020

The reverse cascade: Enforcing security on the global IoT supply chain

The Internet of Things (IoT) refers to the increasing convergence of the physical and digital worlds and it affects us all. Hundreds of “things” are being connected to the Internet and each other, with more than fifty billion devices expected to be connected by 2030. Many IoT devices are manufactured abroad at low cost with little consideration for security. How can we secure these devices, especially those manufactured outside the United States?

In-Depth Research & Reports by Nathaniel Kim, Trey Herr, and Bruce Schneier

Cybersecurity Internet of Things

Thu, Apr 30, 2020

Loose cobras: DPRK regime succession and uncertain control over offensive cyber capabilities

Unconfirmed rumors surfaced in mid April 2020 regarding the potential incapacitation of North Korean leader Kim Jong Un, leading to speculation about the ramifications of a sudden transition of leadership in Pyongyang. These rumors raise serious concerns over the stability of the Democratic People’s Republic of Korea’s (DPRK) control of offensive cyber operations capabilities.

Issue Brief by JD Work

Cybersecurity East Asia

Wed, Dec 11, 2019

Aviation cybersecurity: Scoping the challenge

The digital attack surface the aviation sector presents to its adversaries continues to grow in such a way that both managing risk and gaining insight on it remain difficult. With emerging technologies like machine learning and fifth-generation (5G) telecommunications seeing wider adoption—alongside electric vertical takeoff and landing (eVTOL), autonomous aircraft, and increased use of space—aviation-cybersecurity risk management is on the cusp of becoming more complex.

Report by Pete Cooper, Simon Handler, Safa Shahwan Edwards

Cybersecurity Infrastructure Protection

Fri, Nov 22, 2019

What do we know about cyber escalation? Observations from simulations and surveys

Do cyber operations alter how states respond to international crises in a way that creates incentives for decision makers to cross the Rubicon and use military force to settle disputes? This question is central to current cyber strategy debates and the idea of persistent engagement and defending forward in cyberspace. The answer is surprising: no. Based on the evidence, cyber operations offer a valuable escalatory offramp.

Issue Brief by Benjamin Jensen and Brandon Valeriano

Cybersecurity

Tue, Jul 16, 2019

Collective defense of human dignity: the vision for NATO’s future in cyberspace

An alliance under tension, NATO today faces the challenges of burden sharing, a multipolar world full of old adversaries and emerging challengers. In “Collective Defense of Human Dignity: The Vision for NATO’s Future in Cyberspace,” Christopher Porter, a nonresident senior fellow in the Cyber Statecraft Initiative at the Atlantic Council analyzes member states struggling with […]

Issue Brief by Christopher B. Porter

Wed, Apr 24, 2019

Cybersecurity: Changing the model

The need to update the cybersecurity model is clear. An enhanced public-private model – based on coordinated, advanced protection and resilience – is necessary to protect key critical infrastructure sectors

Report by Franklin D. Kramer and Robert J. Butler

Cybersecurity English

Mon, Sep 17, 2018

It takes a village: How hacktivity can save your company

With our modern-day reliance on digital technology, software and system vulnerabilities have become increasingly hard to avoid. Thoroughly eliminating all these vulnerabilities can be a challenge, but through a coordinated vulnerability disclosure (CVD) program, governments and private companies can mitigate them with the help of independent security researchers.

Report by Shaun Ee

Cybersecurity English

Tue, Sep 11, 2018

Defining Russian election interference: An analysis of select 2014 to 2018 cyber enabled incidents

Of all the political ideas to defend themselves before the court of human history, few have proven as potent and as compelling as that of electoral democracy. Yet in recent years, electoral democracy has once more come under challenge, facing off against popular discontent, revisionist governments, and—most significantly—the rise of new media and digital technologies. […]

Issue Brief by Laura Galante & Shaun Ee

Cybersecurity Elections

Wed, May 30, 2018

Supply chain in the software era

As the energy sector has become more globalized and increasingly complex in its reliance on software components, the supply-chain risk has evolved and expanded. One such risk that stands out is unintended taint, namely flaws in software components unintentionally built into products in design or implementation.

In-Depth Research & Reports by Beau Woods and Andy Bochman

Cybersecurity English

Thu, May 3, 2018

Innovation on cyber collaboration: Leverage at scale

In cybersecurity, it is time to go beyond sharing and ad hoc cooperation, to collaboration at scale across borders, stakeholders, and sectors. This effort should begin with a determined study of the responses to past incidents and how to improve them, then proceed to new, action-oriented Cyber Incident Collaboration Organizations (CICO) to streamline response.

Issue Brief by Jason Healey

Cybersecurity English

Cyber Statecraft Initiative

Working at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.

Read More