The Cyber Statecraft Initiative works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology. This work extends through the competition of state and non-state actors, the security of the internet and computing systems, the safety of operational technology and physical systems, and the communities of cyberspace. The Initiative convenes a diverse network of passionate and knowledgeable contributors, bridging the gap among technical, policy, and user communities.

To keep up to date with our latest work, check us out on:

Our Work

Our Team

Cyber Statecraft Fellows

Events and programs

CSI is dedicated to convening a diverse network of passionate and knowledgeable contributors, bridging the gap among technical, policy, and user communities. Check out our past events here and make sure to keep an eye out for our future events by following us on Twitter and LinkedIn.

Recent Publications

June 2024

“Reasonable” Cybersecurity in Forty-Seven Cases: The Federal Trade Commission’s Enforcement Actions Against Unfair and Deceptive Cyber Practices

by Isabella Wright, Maia Hamin

The FTC has brought 47 cases against companies for unfair or deceptive cybersecurity practices. What can we learn from them?
Read More
May 2024

International Cyberspace & Digital Policy Strategy: AC Tech Programs Markup

by Emma Schroeder, Graham Brookie, Raul Brens Jr., Emerson Brooking, Safa Shahwan Edwards, Trey Herr, Rose Jackson

On May 6, the Department of State released the United States International Cyberspace & Digital Policy Strategy. Read along with AC Tech Programs staff, fellows, and experts for commentary and analysis.
Read More
May 2024

The 5×5—The XZ Backdoor: Trust and Open Source Software

by Nitansha Bansal, Stewart Scott

Open source software security experts share their insights into the XZ backdoor, and what it means for open source software security.
Read More
April 2024

Markets Matter: A Glance into the Spyware Industry

by Jen Roberts, Trey Herr, Emma Taylor, Nitansha Bansal

The Intellexa Consortium is a complex web of holding companies and vendors for spyware and related services. The Consortium represents a compelling example of spyware vendors in the context of the market in which they operate—one which helps facilitate the commercial sale of software driving both human rights and national security risk.
Read More
April 2024

O$$ Security: Does More Money for Open Source Software Mean Better Security? A Proof of Concept

by Sara Ann Brackett, John Speed Meyers, Stewart Scott

A proof-of-concept study looking for correlation between open source software project funding and security practices at scale.
Read More
February 2024

The 5×5—Alumni perspectives on Cyber 9/12 Strategy Challenge

by Nitansha Bansal, Isabella Wright

Alumni of Cyber 9/12 Strategy Challenge share their experiences, and discuss the impact of such simulated exercises to prepare for real life cyber attacks.
Read More
February 2024

Hacking with AI

by Maia Hamin, Stewart Scott

Can generative AI help hackers? By deconstructing the question into attack phases and actor profiles, this report analyzes the risks, the realities, and their implications for policy.
Read More
February 2024

Future-Proofing the Cyber Safety Review Board

by Maia Hamin, Alphaeus Hanson, Trey Herr, Stewart Scott

The Cyber Safety Review Board seeks to examine and learn from complex failures in cyberspace. As Congress considers how to design its next iteration, there are ways to make it more effective and adaptable for the increasing challenges to come.
Read More
January 2024

The Great Despiser: The BSA, Memory Safety, and How to Make a Good Argument Badly

by Stewart Scott

Memory-safe programming languages are in the cyber policy mainstream, but some hesitation remains. Looking at the arguments around memory safety is informative for larger cyber policy debates too.
Read More
January 2024

The 5×5—Forewarned is forearmed: Cybersecurity policy in 2024

by Nitansha Bansal, Trey Herr

Members of the Cyber Statecraft Initiative team discuss the regulatory requirements and emerging technology they are closely following in 2024, and forewarn of the year ahead.
Read More