Cyber Statecraft Initiative
Wed, Jul 24, 2024
OT Cyber Policy: The Titanic or the Iceberg
Current policy does not address the issue of cyber-physical security with a systemic approach, instead focusing with tunnel vision on specific events. This analysis uses the iceberg model for systems thinking to address policy gaps in the OT ecosystem, detailing recommendations for the Cybersecurity and Infrastructure Security Agency (CISA).
by Danielle Jablanski
Mon, Jul 1, 2024
The Impact of Corruption on Cybersecurity: Rethinking National Strategies Across the Global South
As the Global South prepares for the next stage in ICT development, governments must prioritize policies that reduce corruption in critical network software procurement to protect those countries' developing cyberspace.
by Robert Peacock
Mon, Jun 24, 2024
User in the Middle: An Interoperability and Security Guide for Policymakers
When technologies work together, it benefits users and the digital ecosystem. Policymakers can advance interoperability and security in tandem by understanding how each impacts the other.
Wed, Jun 12, 2024
“Reasonable” Cybersecurity in Forty-Seven Cases: The Federal Trade Commission’s Enforcement Actions Against Unfair and Deceptive Cyber Practices
The FTC has brought 47 cases against companies for unfair or deceptive cybersecurity practices. What can we learn from them?
Mon, May 13, 2024
International Cyberspace & Digital Policy Strategy: AC Tech Programs Markup
On May 6, the Department of State released the United States International Cyberspace & Digital Policy Strategy. Read along with AC Tech Programs staff, fellows, and experts for commentary and analysis.
by Emma Schroeder, Graham Brookie, Raul Brens Jr., Emerson Brooking, Safa Shahwan Edwards, Trey Herr, Rose Jackson
Tue, May 7, 2024
Lessons Learned from the Cyber 9/12 Strategy Challenge
Students from Tufts University tell us their greatest lessons learned from competing in the Cyber 9/12 Strategy Challenge.
by Sara Mishra, Hannah Dora Patterson, Ethan Moscot, and Andrew Vu
Wed, May 1, 2024
The 5×5—The XZ Backdoor: Trust and Open Source Software
Open source software security experts share their insights into the XZ backdoor, and what it means for open source software security.
Mon, Apr 22, 2024
Markets Matter: A Glance into the Spyware Industry
The Intellexa Consortium is a complex web of holding companies and vendors for spyware and related services. The Consortium represents a compelling example of spyware vendors in the context of the market in which they operate—one which helps facilitate the commercial sale of software driving both human rights and national security risk.
by Jen Roberts, Trey Herr, Emma Taylor, Nitansha Bansal
Thu, Apr 18, 2024
O$$ Security: Does More Money for Open Source Software Mean Better Security? A Proof of Concept
A proof-of-concept study looking for correlation between open source software project funding and security practices at scale.
by Sara Ann Brackett, John Speed Meyers, Stewart Scott
Wed, Feb 28, 2024
The 5×5—Alumni perspectives on Cyber 9/12 Strategy Challenge
Alumni of Cyber 9/12 Strategy Challenge share their experiences, and discuss the impact of such simulated exercises to prepare for real life cyber attacks.
Thu, Feb 15, 2024
Hacking with AI
Can generative AI help hackers? By deconstructing the question into attack phases and actor profiles, this report analyzes the risks, the realities, and their implications for policy.
Thu, Feb 8, 2024
Future-Proofing the Cyber Safety Review Board
The Cyber Safety Review Board seeks to examine and learn from complex failures in cyberspace. As Congress considers how to design its next iteration, there are ways to make it more effective and adaptable for the increasing challenges to come.
