Trey Herr
Dr. Trey Herr is Senior Director of the Cyber Statecraft Initiative, part of the Atlantic Council Technology Programs and assistant professor of Global Security and Policy at American University’s School of International Service. The CSI team works at the intersection of cybersecurity and geopolitics across conflict, cloud computing, supply chain policy, and more. Previously, Trey was a senior security strategist with Microsoft handling cybersecurity policy as well as a fellow with the Belfer Cybersecurity Project at Harvard Kennedy School and a non-resident fellow with the Hoover Institution at Stanford University. He holds a PhD in Political Science and BS in Musical Theatre and Political Science.
January 2024
Design Questions in the Software Liability Debate
Software liability—resurgent in the policy debate since its mention in the 2023 US National Cybersecurity Strategy—describes varied potential structures to create legal accountability for vendors of insecure software. This report identifies key design questions for such regimes and tracks their discussion through the decades-long history of the debate.
September 2023
Software Supply Chain Security: The Dataset
Want to dive deeper into the Breaking Trust database? You have come to the right place.
July 2023
Why Do SBOM Haters Hate? Or Why Trade Associations Say the Darndest Things
SBOMs are an important step forward for software supply chain security, so despite pushback and opposition, industry and government should take a page out of Taylor Swift’s book and just keep cruisin’, don’t let SBOM haters get in the way.
