FedRAMP Signals Acceleration of Requirements for Machine-Readable Packages in the Rev5 Process
FedRAMP has proposed modifications to the Rev5 process in the newly published RFCs that could enact major changes and require Cloud Service Offerings to provide authorization packages in a “machine-readable format.”
Yet Another Blog about 'Cyber Operations' Part I: The Lexicon
The vocabulary around cyber operations has become muddled with policymakers often conflating terms. This post aims to set a standard lexicon for all to use moving forward.
Special Episode: A Look at Cyber Policy in 2026 (DCP S2 E12)
For our second special episode of the Distilling Cyber Policy podcast, Alex and Jen from the Center are joined by experts to try and predict the future of cyber policy in the coming year, while reflecting on some of their previous prediction.
Offensive Cyber Operations with Stacy O’Mara and Leonard Bailey (DCP S2 11)
Offensive cyber activity has become a central policy conversation as governments worldwide rethink what tools are necessary to counter increasingly sophisticated threats.
Meeting the Homeland C-UAS Threat
A recent tabletop exercise examined the impact of drone attacks on a university hockey game, electric grid, and nearby air base and recommended key findings to deter and prevent these types of attacks.
2025 Year in Review: Advancing Cybersecurity Through Collaboration
In 2025, the cybersecurity ecosystem became more complex and we’ve seen governments rethink critical policy frameworks. Nonetheless, the Center has remained steadfast in strengthening cybersecurity through policy, collaboration, and education.
Fighting the Adversarial Use of AI: Innovation in Cyber Insurance, Incident Response
The rise of AI is reshaping every aspect of cybersecurity. While AI holds promise for automating defenses, it also empowers threat actors. This is driving an AI arms race with placing the cyber insurance market in the middle.
FinCEN: Ransomware Payments Peaked in 2023
Ransomware payments peaked in 2023 at $1.1 billion with 1,512 reported incidents and dropped by a third to $734 million on 1,476 incidents in 2024, according to FinCEN.
Europe’s DMA: A Cybercriminal's Paradise?
Mobile devices serve many purposes and a single vulnerability can wreak havoc. This paper focuses on the DMA provisions around mobile OS's, identifies the key risks, and makes makes recommendations to void weakening the mobile ecosystem.
Cybersecurity Coalition, HPC Comment on EU CRA Delegated Act on Delaying Dissemination of Notifications About Vulnerabilities and Incidents
The Cybersecurity Coalition and the Hacking Policy Council submitted comments to the European Commission on its consultation related to the Delegated Act.
