Inaugural Cyber Policy Awards

April 24, 2024 in Washington, DC

The Institute for Security and Technology (IST), in partnership with the Center for Cybersecurity Policy and Law, is pleased to announce the inaugural edition of The Cyber Policy Awards—an annual gathering of the U.S. cyber policy community to honor and celebrate those who drove significant progress in the preceding year, and to make resolutions for the new year.

Event concept

In this inaugural year, the event will take the form of a reception with presentations of the four core awards. Borrowing from popular U.S. entertainment industry awards, esteemed members of the cyber policy community will introduce the nominees and present awards. In future editions, the awards gala will include a banquet reception with live entertainment.

Core award categories

README: General Definitions & Criteria

1. Definition. The term “cyber policy” shall be broadly defined as: “Governance efforts to advance for the common good any aspect of the global digital ecosystem, including but not limited to interoperability, access, trust, privacy, safety, security, stability, human rights, workforce, and the rule of law.” This may include thought leadership and action from individuals, academia, non-governmental organizations, technical standards bodies, industry specific fora, state or national governments, and formal or ad hoc international bodies.

2. Time period. Except as otherwise set forth in the special criteria of a particular award category, the contributions and accomplishments specified in a nomination must have taken place, or have come to fruition, during the calendar year (CY) in question. For the inaugural event, the performance period is CY 2023.

3. Eligible recipients. The description and criteria for each award category may specify an award as being intended for an individual recipient, a small group (defined herein as consisting of five or fewer named individuals), or an organization (which may involve a named subdivision of an organization). Where no such criterion is specified, nominations may involve any of the three recipient types. In all cases, submitters are encouraged to narrow a nomination to the key person, or people, who championed the celebrated achievement; judges may consider tailored nominations as particularly compelling.

4. Repeat nominations. Except as otherwise set forth in the special criteria of a particular award category, each nomination may be made only once, and not re-submitted in a subsequent year.

5. Exclusions. Nominations involving persons or activities regulated under the United States Code that seek to influence legislation (commonly known as lobbying), including equivalent state statutes and regulations, shall not be considered.

U.S. Domestic Policy Impact Award

This award recognizes an individual, small group, or organization whose efforts have had significant impact on the U.S. domestic policy landscape, such as by materially influencing the community’s thinking and trajectory, overcoming a longstanding and intractable obstacle, or galvanizing broad stakeholder support to take some action.

International Policy Impact Award

This award recognizes an individual, small group, or organization whose efforts have had significant impact on the international policy landscape, such as a shift in international narratives, viewpoints, or prioritization; the emergence of international consensus or an agreement; or resulting in collective action when previously unlikely.

Ecosystem Champion Award

This award recognizes an individual, small group, or organization whose efforts have led to broad structural and long-lasting positive impact on the cyber ecosystem. Such efforts often lack headline-grabbing appeal or a profit model, and typically require the proponent’s long-term commitment and tenacity to see to completion. This category might also be described as the “unsung hero” award.

Cyber Philanthropy/ist of the Year

This award recognizes an individual philanthropist or philanthropic organization for their outstanding contribution to national or international cyber policy by enabling the work of academic institutions, think tanks, or other civil society organizations through both thought leadership and financial support. Nominations should articulate the catalyzing issue or purpose, the funder’s level of engagement and commitment over time, and the resulting outcomes.

Note: For 2025, Lifetime Achievement, and perhaps other award categories, will be added.

Nominations

The nomination period closed on Friday, March 29, at 5 pm PT.

As stated in the above award definitions and criteria, the contributions and accomplishments specified in a nomination must have taken place, or have come to fruition, during the calendar year in question. For the inaugural event, the performance period is calendar year 2023. Anyone may submit an award nomination; however, a proposed recipient may not self-nominate.

In April, 16 finalists were chosen from the pool of nominees.

Judging panel and selection process

A group of esteemed individuals from across the cyber policy community have been empaneled as judges to review, rank, and select the finalist nominees and winner in each category.

Cyber Policy Awards Judges

Leonard Bailey
Federal Prosecutor/Adjunct Professor at Georgetown University Law Center and New York University Law School

Frank Cilluffo
Director of the McCrary Institute at Auburn University, former Cyberspace Solarium Commissioner, and former Special Assistant to President Bush for homeland security

Ann Cleaveland
Executive Director of the Center for Long-Term Cybersecurity at the University of California at Berkeley

Hon. Chris Inglis
Inaugural U.S. National Cyber Director and former Deputy Director of the National Security Agency

Hon. James Langevin
Retired member of the U.S. House of Representatives and Cyberspace Solarium Commissioner

Dr. James Lewis
Senior Vice President and Director for the Strategic Technologies Program at the Center for Strategic and International Studies

Chandra McMahon
Senior Vice President and Chief Information Security Officer at CVS Health and member of the Aspen Institute U.S. Cybersecurity Group

Amb. Heli Tiirmaa-Klaar
Director of the Digital Society Institute at the European School of Management and Technology in Berlin and former Estonian ambassador for cyber diplomacy

Judging Code of Conduct

Cyber Policy Awards judges will conduct themselves according to the highest standards in carrying out a fair and credible selection process to ensure the awards hold meaning over time. Specific rules of behavior are as follows:

  1. CONFIDENTIALITY. Judges will carry out their deliberations in secret, sharing the results only with members of the organizing committee who have a “need to know” in order to facilitate the nomination process and the awards ceremony.
  2. CONFLICTS OF INTEREST. Judges will proactively disclose to the Chair of the organizing committee any potential actual or perceived conflict of interest in a selection. The organizing committee, or a sub-committee thereof, will be responsible for addressing conflicts of interest. For this purpose, potential conflicts might include, but are not limited to, the following situations:
    1. Being nominated for an award;
    2. Being, or having been, closely affiliated with a nominee (e.g., familial relationship, personal connection to the work being celebrated, etc.);
    3. Having a personal financial interest in a nominee (e.g., equity interest in a nominated organization); and
    4. Any other situation, such as involvement in a related investigation, litigation, enforcement action, or investigative press reporting.

Nominees selected by the judges as finalists (no more than four per award category) will be announced publicly in advance of the event, which is itself a high honor. The winner will be unveiled during the event.

Award trophy

Recipients will receive the Cyber Policy Award of Merit, which features “The Atlas” statuette representing the ultimate symbol of strength and endurance. The Ancient Greek Titan Atlas bears the cosmos and turns the sky on his shoulders for eternity. Atlas’ burden represents the skill, strength, and commitment required to positively influence domestic and international cyber policy.