Cyber Statecraft Initiative
@cyberstatecraft.bsky.social
The Cyber Statecraft Initiative works at the nexus of geopolitics and cybersecurity to craft strategies to help shape the conduct of statecraft and to better inform and secure users of technology.
Pinned
Everything’s bigger in Texas 🤠 — including cybersecurity! #Cyber912 is coming to Austin in-person on Jan 31–Feb 1, 2026 with our partners at Strauss Center at the @UTAustin.bsky.social School of Law. Registration open till Dec 8, 2025.
🔗 Sign up here: form.jotform.com/252924286666...
🔗 Sign up here: form.jotform.com/252924286666...
We’re excited to kick off our first West Coast #Cyber912 Strategy Challenge with MIIS in beautiful Monterey, CA! Today's qualifying rounds will have 22 teams across the US. Good luck to all competitors! Learn more about the competition here: www.atlanticcouncil.org/programs/cyb...
November 7, 2025 at 7:15 PM
We’re excited to kick off our first West Coast #Cyber912 Strategy Challenge with MIIS in beautiful Monterey, CA! Today's qualifying rounds will have 22 teams across the US. Good luck to all competitors! Learn more about the competition here: www.atlanticcouncil.org/programs/cyb...
#Cyber912 is heading to Paris on Jan 28–30, 2026 with the GEODE and Université Paris 8 for our 6th year. Registration is now open and closes on Dec 15, 2025. Don't miss out on this in-person Cyber 9/12! We’ll see you there - sign up today:
form.jotform.com/252715245052...
form.jotform.com/252715245052...
Clone of 2025 Paris Cyber 9/12 Strategy Challenge Registration
Please click the link to complete this form.
form.jotform.com
November 7, 2025 at 11:01 AM
#Cyber912 is heading to Paris on Jan 28–30, 2026 with the GEODE and Université Paris 8 for our 6th year. Registration is now open and closes on Dec 15, 2025. Don't miss out on this in-person Cyber 9/12! We’ll see you there - sign up today:
form.jotform.com/252715245052...
form.jotform.com/252715245052...
Everything’s bigger in Texas 🤠 — including cybersecurity! #Cyber912 is coming to Austin in-person on Jan 31–Feb 1, 2026 with our partners at Strauss Center at the @UTAustin.bsky.social School of Law. Registration open till Dec 8, 2025.
🔗 Sign up here: form.jotform.com/252924286666...
🔗 Sign up here: form.jotform.com/252924286666...
November 4, 2025 at 3:19 PM
Everything’s bigger in Texas 🤠 — including cybersecurity! #Cyber912 is coming to Austin in-person on Jan 31–Feb 1, 2026 with our partners at Strauss Center at the @UTAustin.bsky.social School of Law. Registration open till Dec 8, 2025.
🔗 Sign up here: form.jotform.com/252924286666...
🔗 Sign up here: form.jotform.com/252924286666...
The US is the largest investor in this sample of the spyware market 💰 The implications for both national security and human rights policy are profound. The report contextualizes this trend: www.atlanticcouncil.org/in-depth-res...
Mythical Beasts: Diving into the depths of the global spyware market
The second edition of the Mythical Beasts project assess how the global spyware market has developed and changed over the past year.
www.atlanticcouncil.org
October 17, 2025 at 6:30 PM
The US is the largest investor in this sample of the spyware market 💰 The implications for both national security and human rights policy are profound. The report contextualizes this trend: www.atlanticcouncil.org/in-depth-res...
In his issue brief, fellow Robert Peacock highlights the oft-overlooked dimension of cybersecurity development - corruption in software acquisition practices. Read more here: www.atlanticcouncil.org/in-depth-res...
The impact of corruption on cybersecurity: Rethinking national strategies across the Global South
As the Global South prepares for the next stage in ICT development, governments must prioritize policies that reduce corruption in critical network software procurement to protect those countries'…
www.atlanticcouncil.org
October 16, 2025 at 7:45 PM
In his issue brief, fellow Robert Peacock highlights the oft-overlooked dimension of cybersecurity development - corruption in software acquisition practices. Read more here: www.atlanticcouncil.org/in-depth-res...
Take your next steps in cybersecurity at Black Hat Europe 2025! From specialized Trainings to insightful Briefings, ExCeL London is the place to be from Dec. 8-11 for all things cybersecurity! To learn more and register, visit www.blackhat.com/eu-25/
Black Hat Europe 2025
Black Hat Europe 2025
www.blackhat.com
October 15, 2025 at 7:03 PM
Take your next steps in cybersecurity at Black Hat Europe 2025! From specialized Trainings to insightful Briefings, ExCeL London is the place to be from Dec. 8-11 for all things cybersecurity! To learn more and register, visit www.blackhat.com/eu-25/
“Absent direct experience, all one can rely on is academic research”—cyber operations have never been used during a military crisis between two nuclear-armed states. What happens if this Rubicon is crossed? See this piece from Michael Fischerkeller:
www.atlanticcouncil.org/in-depth-res...
www.atlanticcouncil.org/in-depth-res...
What do we know about cyber operations during militarized crises?
Policymakers must critically examine assumptions and claims that cyber operations can serve as de-escalatory crisis offramps.
www.atlanticcouncil.org
October 15, 2025 at 1:43 PM
“Absent direct experience, all one can rely on is academic research”—cyber operations have never been used during a military crisis between two nuclear-armed states. What happens if this Rubicon is crossed? See this piece from Michael Fischerkeller:
www.atlanticcouncil.org/in-depth-res...
www.atlanticcouncil.org/in-depth-res...
Despite bans and sanctions, spyware companies keep thriving—with US dollars. US firms are investing in tools that harm US interests. The Trump administration can counter this problem set. Learn how in: nationalinterest.org/blog/techlan...
Tackling the Spyware Crisis
Domestic investment in spyware is undermining national security at all levels of society.
nationalinterest.org
October 14, 2025 at 5:31 PM
Despite bans and sanctions, spyware companies keep thriving—with US dollars. US firms are investing in tools that harm US interests. The Trump administration can counter this problem set. Learn how in: nationalinterest.org/blog/techlan...
And that’s a wrap!
Our final standings for the 2025 New York #Cyber912 are:
🥇Husky Hackers of @Northeasternu.bsky.social
🥈 Black Knights of USMA West Point
🥉Golden Mules of USMA West Point
Congratulations to all our teams and thank you to @ColumbiaSIPA.bsky.social
Our final standings for the 2025 New York #Cyber912 are:
🥇Husky Hackers of @Northeasternu.bsky.social
🥈 Black Knights of USMA West Point
🥉Golden Mules of USMA West Point
Congratulations to all our teams and thank you to @ColumbiaSIPA.bsky.social
October 14, 2025 at 12:01 PM
And that’s a wrap!
Our final standings for the 2025 New York #Cyber912 are:
🥇Husky Hackers of @Northeasternu.bsky.social
🥈 Black Knights of USMA West Point
🥉Golden Mules of USMA West Point
Congratulations to all our teams and thank you to @ColumbiaSIPA.bsky.social
Our final standings for the 2025 New York #Cyber912 are:
🥇Husky Hackers of @Northeasternu.bsky.social
🥈 Black Knights of USMA West Point
🥉Golden Mules of USMA West Point
Congratulations to all our teams and thank you to @ColumbiaSIPA.bsky.social
⏳ Don’t miss your chance! Be part of the first-ever #Cyber912 Monterey Challenge happening on Nov 7–8, 2025, at MIIS. Step into a fast-paced cyber crisis simulation, and sharpen your strategy skills.
📝 Register by October 13, by 11:59PM ET: form.jotform.com/Cyber_Statec...
📝 Register by October 13, by 11:59PM ET: form.jotform.com/Cyber_Statec...
October 13, 2025 at 2:19 PM
⏳ Don’t miss your chance! Be part of the first-ever #Cyber912 Monterey Challenge happening on Nov 7–8, 2025, at MIIS. Step into a fast-paced cyber crisis simulation, and sharpen your strategy skills.
📝 Register by October 13, by 11:59PM ET: form.jotform.com/Cyber_Statec...
📝 Register by October 13, by 11:59PM ET: form.jotform.com/Cyber_Statec...
For the 10th annual New York City #Cyber912 with @SIPAcyber, we were joined by 21 teams from 10 states...but only 11 can advance to the semifinal round.
Check out which teams made the cut and good luck to all our semifinalists! ⬇️
Check out which teams made the cut and good luck to all our semifinalists! ⬇️
October 10, 2025 at 10:43 PM
For the 10th annual New York City #Cyber912 with @SIPAcyber, we were joined by 21 teams from 10 states...but only 11 can advance to the semifinal round.
Check out which teams made the cut and good luck to all our semifinalists! ⬇️
Check out which teams made the cut and good luck to all our semifinalists! ⬇️
Are improvements in the security posture of open source software projects different among sources of general funding? Our initial analysis of about 2000 open-source software packages suggests the answer might be vary across software ecosystems. 🚨🔐
October 9, 2025 at 5:19 PM
Are improvements in the security posture of open source software projects different among sources of general funding? Our initial analysis of about 2000 open-source software packages suggests the answer might be vary across software ecosystems. 🚨🔐
Wondering what could prevent another incident like the XZ backdoor? Aeva Black suggests “A healthy dose of caution–particularly for maintainers of low-level system libraries in widespread use–is needed.” Check out the 5x5 to read more:
The 5x5—The XZ backdoor: Trust and open source software
Open source software security experts share their insights into the XZ backdoor, and what it means for open source software security.
www.atlanticcouncil.org
September 30, 2025 at 1:31 PM
Wondering what could prevent another incident like the XZ backdoor? Aeva Black suggests “A healthy dose of caution–particularly for maintainers of low-level system libraries in widespread use–is needed.” Check out the 5x5 to read more:
@jshermcyber.bsky.social report "The Politics of Internet Security" dives into the geopolitics of the Internet, examines how governments exert influence to warp its shape, and argues why the US needs to be more active in building a safer, more secure Internet.
The politics of internet security: Private industry and the future of the web
The private sector plays a crucial role in defining the changing shape of the Internet, especially its security. This report examines two protocols as examples of private sector influence over…
www.atlanticcouncil.org
September 29, 2025 at 1:37 PM
@jshermcyber.bsky.social report "The Politics of Internet Security" dives into the geopolitics of the Internet, examines how governments exert influence to warp its shape, and argues why the US needs to be more active in building a safer, more secure Internet.
Does more money for open source software lead to better OSS security? Causality is always hard to show, but correlation is easy! Check out our issue brief here: www.atlanticcouncil.org/content-seri...
September 26, 2025 at 8:10 PM
Does more money for open source software lead to better OSS security? Causality is always hard to show, but correlation is easy! Check out our issue brief here: www.atlanticcouncil.org/content-seri...
The deadline to sign up your team for the inaugural Monterey #Cyber912 Strategy Challenge has been extended to Monday, October 13 at 11:59PM ET.
If you were thinking about organizing your dream team... consider this your sign! 🔮✨
Register here: form.jotform.com/Cyber_Statec...
If you were thinking about organizing your dream team... consider this your sign! 🔮✨
Register here: form.jotform.com/Cyber_Statec...
a man speaking into a microphone with the words " this is your moment " above him
ALT: a man speaking into a microphone with the words " this is your moment " above him
media.tenor.com
September 26, 2025 at 6:22 PM
The deadline to sign up your team for the inaugural Monterey #Cyber912 Strategy Challenge has been extended to Monday, October 13 at 11:59PM ET.
If you were thinking about organizing your dream team... consider this your sign! 🔮✨
Register here: form.jotform.com/Cyber_Statec...
If you were thinking about organizing your dream team... consider this your sign! 🔮✨
Register here: form.jotform.com/Cyber_Statec...
Securing AI means securing all of its data supply chain. This new framework helps policymakers & technologists see the full picture. Read the issue brief here: www.atlanticcouncil.org/in-depth-res...
September 26, 2025 at 2:45 PM
Securing AI means securing all of its data supply chain. This new framework helps policymakers & technologists see the full picture. Read the issue brief here: www.atlanticcouncil.org/in-depth-res...
Our report, Design Questions in the Software Liability Debate, asks, "what do we agree about in software liability?" and "what do we still have left to figure out?" (Sneak peek: not much, and a lot!)
Design questions in the software liability debate
Software liability—resurgent in the policy debate since its mention in the 2023 US National Cybersecurity Strategy—describes varied potential structures to create legal accountability for vendors of…
www.atlanticcouncil.org
September 25, 2025 at 7:30 PM
Our report, Design Questions in the Software Liability Debate, asks, "what do we agree about in software liability?" and "what do we still have left to figure out?" (Sneak peek: not much, and a lot!)
“There's still a disconnect in recognizing that cybersecurity is a foundational business risk and not a one-time, niche issue,” says Ayan Islam.
When it comes to workforce development, it takes investment at all levels!
See what other experts thought:
When it comes to workforce development, it takes investment at all levels!
See what other experts thought:
The 5×5—Strengthening the cyber workforce
Experts provide insights into ways for the United States and its allies to bolster the cyber workforce.
www.atlanticcouncil.org
September 25, 2025 at 1:46 PM
“There's still a disconnect in recognizing that cybersecurity is a foundational business risk and not a one-time, niche issue,” says Ayan Islam.
When it comes to workforce development, it takes investment at all levels!
See what other experts thought:
When it comes to workforce development, it takes investment at all levels!
See what other experts thought:
The global spyware market is evolving 🌎 The second edition of the Mythical Beasts project details a resilient and expanding ecosystem of surveillance actors. Read more in: www.atlanticcouncil.org/in-depth-res...
Mythical Beasts: Diving into the depths of the global spyware market
The second edition of the Mythical Beasts project assess how the global spyware market has developed and changed over the past year.
www.atlanticcouncil.org
September 24, 2025 at 7:15 PM
The global spyware market is evolving 🌎 The second edition of the Mythical Beasts project details a resilient and expanding ecosystem of surveillance actors. Read more in: www.atlanticcouncil.org/in-depth-res...
Shoring up open source software security is essential for advancing a more secure software ecosystem--it's open source all the way down!
Check out our report on policy to advance open source software security to see what policy can do ⬇️
www.atlanticcouncil.org/in-depth-res...
Check out our report on policy to advance open source software security to see what policy can do ⬇️
www.atlanticcouncil.org/in-depth-res...
Avoiding the success trap: Toward policy for open-source software as infrastructure
Open-source software (OSS) sits at the center of almost every digital technology moving the world since the early 1980s—laptops, cellphones, widespread internet connectivity, cloud computing, social…
www.atlanticcouncil.org
September 24, 2025 at 2:15 PM
Shoring up open source software security is essential for advancing a more secure software ecosystem--it's open source all the way down!
Check out our report on policy to advance open source software security to see what policy can do ⬇️
www.atlanticcouncil.org/in-depth-res...
Check out our report on policy to advance open source software security to see what policy can do ⬇️
www.atlanticcouncil.org/in-depth-res...
Access-as-a-Service firms bypass arms control agreements like the Wassenaar Arrangement by hiring foreign nationals. Policymakers must understand this industry to shape and limit the spread of offensive cyber capabilities. More here: www.atlanticcouncil.org/in-depth-res...
Countering cyber proliferation: Zeroing in on Access-as-a-Service
It is imperative that governments reevaluate their approach to countering the proliferation of offensive cyber capabilities.
www.atlanticcouncil.org
September 23, 2025 at 6:30 PM
Access-as-a-Service firms bypass arms control agreements like the Wassenaar Arrangement by hiring foreign nationals. Policymakers must understand this industry to shape and limit the spread of offensive cyber capabilities. More here: www.atlanticcouncil.org/in-depth-res...
US investment not only funds these companies—it legitimizes them. More money. More talent. More risk to Americans. Overview of this issue set and how to combat it in:
Tackling the Spyware Crisis
Domestic investment in spyware is undermining national security at all levels of society.
nationalinterest.org
September 23, 2025 at 3:15 PM
US investment not only funds these companies—it legitimizes them. More money. More talent. More risk to Americans. Overview of this issue set and how to combat it in:
For the offensive cyber capabilities market there is a "lack of transparency, insight, and monitorability of this global ecosystem when compared to physical equivalents such as small arms, chemical and radiological weapons etc." writes Ollie Whitehouse in
Makings of the Market: Seven perspectives on offensive cyber capability proliferation
The marketplace for offensive cyber capabilities continues to grow globally. Their proliferation poses an expanding set of risks to national security and human rights, these capabilities also have…
www.atlanticcouncil.org
September 22, 2025 at 5:45 PM
For the offensive cyber capabilities market there is a "lack of transparency, insight, and monitorability of this global ecosystem when compared to physical equivalents such as small arms, chemical and radiological weapons etc." writes Ollie Whitehouse in
Cloud myth #4: Cloud providers do not influence the shape of the internet.
Fact: the availability of cloud computing has fundamentally reshapes where and how data is processed and thus how it flows across the internet.
More here:
Fact: the availability of cloud computing has fundamentally reshapes where and how data is processed and thus how it flows across the internet.
More here:
Four myths about the cloud: The geopolitics of cloud computing
In competition and cooperation, cloud computing is the canvas on which states conduct significant political, security, and economic activity.
www.atlanticcouncil.org
September 22, 2025 at 2:07 PM
Cloud myth #4: Cloud providers do not influence the shape of the internet.
Fact: the availability of cloud computing has fundamentally reshapes where and how data is processed and thus how it flows across the internet.
More here:
Fact: the availability of cloud computing has fundamentally reshapes where and how data is processed and thus how it flows across the internet.
More here: