Insights & Research

A recent tabletop exercise examined the impact of drone attacks on a university hockey game, electric grid, and nearby air base and recommended key findings to deter and prevent these types of attacks.

Mobile devices serve many purposes and a single vulnerability can wreak havoc. This paper focuses on the DMA provisions around mobile OS's, identifies the key risks, and makes makes recommendations to void weakening the mobile ecosystem.

Submarine cables are the essential infrastructure enabling the global economy. This paper recommends enhancing the resilience of the ecosystem through greater route diversity and redundancy, rapid repair capacity, and secure supply chain.

The Center convened the latest in a series of tabletop exercises exploring IT concentration risk within a broader international context with Five Eyes officials and industry reps.

The Center conducted a tabletop exercise exploring the ability of government and private sector to address disruption from a nation state with sophisticated cyber capabilities may cause to critical infrastructure if given extensive freedom of action.

Because the future of the CVE program faces some uncertainty it’s time to start a dialogue about the future of the program. This report is designed to provide that starting point.

The U.S. is facing a new era of digital conflict where cyberattacks are persistent campaigns targeting critical infrastructure. In response, calls to embrace offensive cyber have grown as questions and challenges around these capabilities are raised.

The Center and Australian officials conducted a multi-stakeholder tabletop exercise, with the intent to explore concentration risk within the Australian Government’s IT environments.

Organizations worldwide are developing frameworks to ensure that AI systems are safe and secure but there’s a gap in how they are compared. This analysis seeks to understand the commonalities by using the the NIST AI RMF as a baseline.

The use of AI technologies in federal agencies is ever expanding but governance is necessary to ensure its proper use. This report looks at existing governance structures, the role of the CAIO, and recommendations to make governance more effective.