41 Items

Audio - War on the Rocks

War on the Rocks Podcast: The Big Cyber Spectacular

| Feb. 15, 2018

In our latest episode, Usha Sahay and Ryan Evans were joined by Thomas Rid, Michael Sulmeyer, and a mystery guest (ok, ok, it’s Corinna Fehst) to talk about cyber-security, election meddling, reports about U.S. intel agencies buying back pilfered hacking tools, going dark, legislatures as the vulnerable soft cyber underbelly of democracies, and the different threats posed by Russia and China.

Also, “Password1” is not a good password according to our guests. So you should probably change that.

teaser image

Video

Hearing: Department of Defense’s role in Protecting Democratic Elections

| Feb. 13, 2018

Election Security The Senate Armed Services Subcommittee on Cybersecurity held a hearing on the Defense Department’s role in ensuring the U.S. election process is secure from foreign influence. Much of the discussion focused on Russian meddling, which took place in the 2016 presidential election and was expected to continue in future U.S. elections as well as those around the world. Committee members and witnesses agreed that the issue would continue to get worse and that there must be a solution that includes both the government and the private sector, while understanding that each has different interests in terms of national security and profit, respectively. 

Analysis & Opinions - Lawfare

Assessing the Bipartisan Secure Elections Act

| Jan. 03, 2018

On Dec. 21, all eyes were on the Republican bill to cut taxes. Yet a bipartisan group of six senators also had their eyes on the far less sexy (but still important!) topic of election hacking. They quietly introduced a bill called the Secure Elections Act that, if passed, would be a good down payment on improving the confidence we can have in the integrity of our elections. This short, stocking-stuffer size review will: review some of the core questions around election security, assess the bill’s provisions to improve information sharing, its grant program, and its bug bounty, and conclude with some tough realism about additional work that needs to be undertaken to protect our elections.

teaser image

Journal Article - Georgetown Journal of International Affairs

Campaign Planning with Cyber Operations

| Dec. 28, 2017

The military not only plans for operations, it also plans to plan. Yet there is no current plan or process in place to integrate cyber initiatives into campaign planning. The US government must determine how to integrate offensive and defensive cybercapabilities into campaign planning in order to leverage these capabilities and pair them with the military’s broad array of tools.

Analysis & Opinions - Lawfare

Cybersecurity in the 2017 National Security Strategy

| Dec. 19, 2017

The administration should be given relatively high marks for the document’s cybersecurity components—especially for recognizing the breadth of the threat and that it’s going to take more than the help desk to fix it. Admittedly, that’s a pretty low bar. But National Security Strategy documents are not known as documents where big policy innovation occurs. Instead, the best you can usually do is articulate the broad contours of the main threats to national security coupled with some rough themes about what the government will do to make things better. Here, the administration does not isolate “the cyber” to the sidelines; instead, by talking about cyber issues throughout the document, the administration shows an understanding that cyberspace is a critical part to practically every aspect of national security.

Analysis & Opinions - Harvard Business Review

More Training Won't Reduce Your Cyber Risk

| Nov. 24, 2017

How many times have you had to watch your company’s latest cybersecurity training video? An entire industry now exists to train us humans to be smarter in how we operate computers, and yet the number of cybersecurity incidents continues to rise. Are the hackers always one step ahead? Are we impossible to train? Or are we being taught the wrong lessons?

teaser image

Audio

The CyberWire Daily Podcast

| Oct. 27, 2017

In today's podcast, we hear that BadRabbit, still quiet, looks like a TeleBots product. Reaper is still locked and loaded, but is also still quiet. Maritime SATCOM system found to be buggy, and the worse news is that it's beyond its end-of-life. A look back at the annual ICS Cybersecurity Summit that wrapped yesterday in Atlanta. Moscow tells Twitter buying ads is a free speech issue. Justin Harvey from Accenture on monitoring cloud infrastructure. Guest is Michael Sulmeyer, Director of the Cyber Security Project at the Harvard Kennedy School’s Belfer Center for Science and International Affairs. Anonymous is back and poking at the Spanish government.

Report - Centre for International Governance Innovation

Getting beyond Norms: New Approaches to International Cyber Security Challenges

| Sep. 07, 2017

In March 2017, CIGI and the Belfer Center for Science and International Affairs at the Harvard Kennedy School brought together 28 academics, diplomats and other specialists for a one-day workshop in Cambridge, Massachusetts, to discuss and search for effective approaches to these and other international cyber security challenges. These essays provide a report on that workshop and the ideas that emerged.