Insights & Research

Papers & Reports

To Hack Back, or Not Hack Back? That is the Question … or is it?

The U.S. is facing a new era of digital conflict where cyberattacks are persistent campaigns targeting critical infrastructure. In response, calls to embrace offensive cyber have grown as questions and challenges around these capabilities are raised.

Addressing IT Concentration Risk in the Australian Government

The Center and Australian officials conducted a multi-stakeholder tabletop exercise, with the intent to explore concentration risk within the Australian Government’s IT environments.

Crosswalk Analysis for Artificial Intelligence Frameworks

Organizations worldwide are developing frameworks to ensure that AI systems are safe and secure, but there’s a gap in how they are compared. This analysis seeks to understand the commonalities by using the NIST AI RMF as a baseline.

Public Sector AI Governance: Build on Existing, Strong Foundations

The use of AI technologies in federal agencies is ever-expanding, but governance is necessary to ensure its proper use. This report looks at existing governance structures, the role of the CAIO, and recommendations to make governance more effective.

Through the Looking Glass: An Updated Vision for the Office of the National Cyber Director

The ONCD was established to advise the President on cybersecurity and has matured into a key component of cybersecurity policymaking. However, changes are needed to ensure the efficacy of the office, especially as it relates to other agencies.

Addressing Concentration Risk in Federal IT

The Center conducted a multi-stakeholder tabletop exercise in April to explore a form of concentration risk where a single software, configuration, service, or hardware becomes dominant in an ecosystem.

Cybersecurity Coalition Releases EU Policy Roadmap 2024-2029

At CyberNext Brussels, the Cybersecurity Coalition released an EU Policy Roadmap that would help ensure Europe's collective digital resilience.

Trusted App Stores: Protecting Security and Integrity

The mobile app store provisions of the DMA could undermine foundational security in the mobile phone ecosystem. The Center is concerned that a proliferation of ways to install apps will be overwhelming to users and open avenues for bad actors.

Reframing the Conversation: A Deep Dive into the Encryption Debate

Governments say encryption prevents law enforcement from doing their job, but encryption protects everyone, including children and other vulnerable populations.

Protecting Network Resiliency

Vulnerabilities, flaws, or misconfigurations in the network device ecosystem can have a devastating effect. To prevent this, the Network Resilience Coalition is making recommendations on best practices for both vendors and consumers.