262 Items

Audio - War on the Rocks

War on the Rocks Podcast: The Big Cyber Spectacular

| Feb. 15, 2018

In our latest episode, Usha Sahay and Ryan Evans were joined by Thomas Rid, Michael Sulmeyer, and a mystery guest (ok, ok, it’s Corinna Fehst) to talk about cyber-security, election meddling, reports about U.S. intel agencies buying back pilfered hacking tools, going dark, legislatures as the vulnerable soft cyber underbelly of democracies, and the different threats posed by Russia and China.

Also, “Password1” is not a good password according to our guests. So you should probably change that.

Analysis & Opinions - Lawfare

Evaluating the U.K.'s ‘Active Cyber Defence’ Program

| Feb. 14, 2018

In November 2016, the U.K. government launched its Active Cyber Defence (ACD) program with the intention of tackling “in a relatively automated [and transparent] way, a significant proportion of the cyber attacks that hit the U.K.” True to their word, a little over a year on, last week the U.K.’s National Cyber Security Centre (NCSC) published a full and frank account (over 60 pages long) of their progress to date. The report itself is full of technical implementation details. But it’s useful to cut through the specifics to explain exactly what ACD is and highlight its successes—how the program could benefit the United States as well.

teaser image

Video

Hearing: Department of Defense’s role in Protecting Democratic Elections

| Feb. 13, 2018

Election Security The Senate Armed Services Subcommittee on Cybersecurity held a hearing on the Defense Department’s role in ensuring the U.S. election process is secure from foreign influence. Much of the discussion focused on Russian meddling, which took place in the 2016 presidential election and was expected to continue in future U.S. elections as well as those around the world. Committee members and witnesses agreed that the issue would continue to get worse and that there must be a solution that includes both the government and the private sector, while understanding that each has different interests in terms of national security and profit, respectively. 

Analysis & Opinions - Lawfare

Assessing the Bipartisan Secure Elections Act

| Jan. 03, 2018

On Dec. 21, all eyes were on the Republican bill to cut taxes. Yet a bipartisan group of six senators also had their eyes on the far less sexy (but still important!) topic of election hacking. They quietly introduced a bill called the Secure Elections Act that, if passed, would be a good down payment on improving the confidence we can have in the integrity of our elections. This short, stocking-stuffer size review will: review some of the core questions around election security, assess the bill’s provisions to improve information sharing, its grant program, and its bug bounty, and conclude with some tough realism about additional work that needs to be undertaken to protect our elections.

teaser image

Journal Article - Georgetown Journal of International Affairs

Campaign Planning with Cyber Operations

| Dec. 28, 2017

The military not only plans for operations, it also plans to plan. Yet there is no current plan or process in place to integrate cyber initiatives into campaign planning. The US government must determine how to integrate offensive and defensive cybercapabilities into campaign planning in order to leverage these capabilities and pair them with the military’s broad array of tools.

Analysis & Opinions - Lawfare

Cybersecurity in the 2017 National Security Strategy

| Dec. 19, 2017

The administration should be given relatively high marks for the document’s cybersecurity components—especially for recognizing the breadth of the threat and that it’s going to take more than the help desk to fix it. Admittedly, that’s a pretty low bar. But National Security Strategy documents are not known as documents where big policy innovation occurs. Instead, the best you can usually do is articulate the broad contours of the main threats to national security coupled with some rough themes about what the government will do to make things better. Here, the administration does not isolate “the cyber” to the sidelines; instead, by talking about cyber issues throughout the document, the administration shows an understanding that cyberspace is a critical part to practically every aspect of national security.

Analysis & Opinions - Harvard Business Review

More Training Won't Reduce Your Cyber Risk

| Nov. 24, 2017

How many times have you had to watch your company’s latest cybersecurity training video? An entire industry now exists to train us humans to be smarter in how we operate computers, and yet the number of cybersecurity incidents continues to rise. Are the hackers always one step ahead? Are we impossible to train? Or are we being taught the wrong lessons?

- Belfer Center for Science and International Affairs, Harvard Kennedy School

Defending Digital Democracy Project Aims to Protect Election Integrity

| Fall/Winter 2017-2018

In July, the Belfer Center launched a new, bipartisan initiative called the Defending Digital Democracy Project  (D3P). Led by Belfer Center Co-Director Eric Rosenbach, along with the former campaign managers for Hillary Clinton and Mitt Romney, the project aims to identify and recommend strategies, tools, and technology to protect democratic processes and systems from cyber and information attacks.

Analysis & Opinions - The Washington Post

Would cyberattacks be likely in a U.S.-North Korea conflict? Here’s what we know.

| Nov. 21, 2017

North Korea’s 3,000 to 6,000 hackers and the 10 to 20 percent of its military budget going toward online operations mean the country’s cyberthreat to the United States stands only behind that of China, Russia and Iran. If the current tensions continue to escalate, could the United States or North Korea use their cyber-capabilities as a “force multiplier” to conventional military systems?