Skip to content
Sign Up for Our Newsletter
About
Close About
Open About
About the Institute for Security and Technology
Our Team
Board Of Directors
Careers
Contact Us
Featured Events
Cyber Policy Awards
Critical Effect DC
Projects
Close Projects
Open Projects
AI and NC3
Pioneering action-oriented efforts to explore how advanced AI capabilities will be integrated into nuclear command, control, and communications
AI Antitrust and National Security
Exploring how to more effectively account for national security considerations in AI antitrust cases while respecting precedent, scope, and the core principles of antitrust law
AI Risk Reduction Initiative
Assessing the emerging risks and opportunities of AI foundation models and developing risk reduction strategies
AI Chip Export Control Initiative
Safeguarding U.S. national competitiveness by closing critical compliance and enforcement gaps
AI Risk Barometer
Measuring national security professionals’ perceptions of AI futures through a technically-informed survey
CATALINK
Preventing the onset or escalation of conflict by building a resilient global communications system
Energy FIRST
Powering U.S. and allied security & prosperity through a resilient energy future
Ransomware Task Force (RTF)
Combating the ransomware threat with a cross-sector approach
Religious Voices and Responsible AI
Engaging religious communities on safe and beneficial AI
SL5 Task Force
Strengthening AI security through a multistakeholder approach
UnDisruptable27
Driving more resilient lifeline critical infrastructure for our communities
All Projects
» Explore all of IST's projects, past and current
Focus Areas
Future of Digital Security
Geopolitics of Technology
Innovation and Catastrophic Risk
Events
Insights
Contact
Search
Donate
Archive
IST publications
Report
CVE at a Crossroads: A Blueprint for the Next 25 Years
The Common Vulnerabilities and Exposures (CVE) Program is a critical public good, yet it is at a crossroads. Established by MITRE with support from the U.S. government, the index of software vulnerability identifiers has been a core element of software security since 1999. But recent funding issues have laid bare fundamental challenges, and without action, the vulnerability identification landscape will fragment. This report provides recommendations for global policymakers on how to reimagine the CVE Program for the next 25 years.
Common Vulnerabilities and Exposures
,
CVE
,
Global Vulnerability Catalog
,
National Vulnerability Management Program
,
software
,
vulnerability identification
,
vulnerability management
October 8, 2025
Report
Artificial Intelligence in Nuclear Command, Control & Communications: A Technical Primer
AI has been integral to nuclear weapons systems and operations for decades, but rapidly advancing “novel” models pose unforeseen technical opportunities. For the Institute for Security and Technology’s scenario-driven workshop on the integration of AI into NC3 systems, IST’s Sylvia Mishra and Philip Reiner co-authored a short primer to establish what constitutes 'novel' AI in the context of nuclear weapons decision-making.
AI
,
artificial intelligence
,
NC3
,
nuclear
,
system of systems
September 10, 2025
Report
Improving Private Sector Cyber Victim Notification and Support
Building off the Cyber Safety Review Board’s recommendation that cloud service providers work with mobile device platform vendors to develop an “amber alert”-style notification mechanism, IST Adjunct Advisor Rob Knake explores the challenges to developing the native-notification concept and lays out a roadmap for overcoming them.
cyber
,
incident response
,
Victim Notification
August 14, 2025
Report
Nuclear Command, Control, and Communications (NC3): A Primer on Strategic Warning, Decision Support, and Adaptive Targeting Subsystems
Originally drafted to guide substantive discussions for a scenario-driven workshop hosted by IST in Washington, DC on the risks and opportunities of AI integration in NC3, this primer provides a technical and in-depth overview and analysis of strategic warning, decision support, and adaptive targeting subsystems that comprise the NC3 “system of systems.”
adaptive targeting
,
decision support
,
NC3
,
NC3 architecture
,
nuclear
,
strategic warning
,
system of systems
July 7, 2025
Report
Securing the Signal: Mitigation Strategies to Strengthen Crisis Communication Channels
As global norms are challenged and emerging technologies accelerate, crisis communication systems between nuclear-armed states face urgent new threats. This report identifies four critical scenarios and outlines a matched set of mitigation strategies designed to reinforce the reliability of crisis communications in high-stakes environments.
CATALINK
,
cold war
,
crisis communications
,
electromagnetic pulse
,
EMP
,
escalation
,
miscalculation
,
nuclear
May 28, 2025
AAR
,
Report
Strengthening Nuclear Crisis Communications: Steps to Implement Mesh Networks to Enhance Resilience & Security
To advance work on secure crisis communications, IST convened a diverse group of experts for a technical workshop to explore potential avenues for improving the resilience of nuclear crisis communications networks, including IST’s CATALINK Initiative. In this report, IST’s Christian Steins shares critical takeaways from their discussion.
crisis communications
,
mesh network
,
nuclear weapon state
,
resilience
,
ROCCS
May 22, 2025
Report
The Generative Identity Initiative: Exploring Generative AI’s Impact on Cognition, Society, and the Future
AI has surged to the fore, and GenAI represents a profound evolution in tech that can affect and manipulate cognition, and outsource cognitive functions. The Generative Identity Initiative's inaugural report asks the question; How will this emerging tech affect social cohesion?
artificial intelligence
,
cognition
,
Generative artificial intelligence
,
social cohesion
December 19, 2024
Report
Navigating AI Compliance, Part 1: Tracing Failure Patterns in History
What is the risk of compliance failure in AI foundation models, and how can it be mitigated? The AI Risk Reduction Initiative’s latest report analyzes the history of failures across industries in an effort to avoid future pitfalls, and offers practical frameworks and definitions for practitioners navigating the complex compliance landscape. The first of a two-part series, this report examines 11 case studies from AI-adjacent industries to identify three distinct failure categories: institutional, procedural, and performance.
artificial inteligence
,
compliance
,
cybersecurity
,
Future of Digital Security
December 10, 2024
Report
Why Venture Capital Is Indispensable for U.S. Industrial Strategy: Activating Investors to Realize Disruptive National Capabilities
How can the U.S. realize disruptive national capabilities and establish technological leadership in the geostrategic competition with China? From IST’s Strategic Balancing Initiative, a new report calls for harnessing the power of the venture capital industry to unlock innovation, and offers insights for policymakers & practitioners.
China
,
industrial strategy
,
quantum
,
research and development
,
techno-industrial competition
,
venture capital
October 15, 2024
Report
The Implications of Artificial Intelligence in Cybersecurity: Shifting the Offense-Defense Balance
Advances in AI present key cybersecurity opportunities, but how might malicious actors utilize the same technology? IST’s latest report investigates the state of existing and potential integrations of AI in cybersecurity based on our research & interviews with industry stakeholders and puts forward 7 priority recommendations.
agentic
,
AI
,
artificial intelligence
,
cyber
,
cybersecurity
,
deepfakes
,
offense-defense balance
,
software
October 10, 2024
Report
Unlocking U.S. Technological Competitiveness: Proposing Solutions to Public-Private Misalignments
This concept paper, the third and last working paper in the series, lays out how a third round of working group meetings further explored those initial solutions, building out specific ways to operationalize them, identifying specific questions that need to be addressed to achieve these goals, and suggesting potential mechanisms for achieving them
biotech
,
China
,
energy
,
industrial strategy
,
quantum
June 28, 2024
Report
Use-Cases of Resilient Nuclear Crisis Communications: A View from Russia
This report delves into resilient nuclear crisis communications from the Russian perspective, examines several documents and actions taken by Russia political leadership on both nuclear and non-nuclear instances of crisis communications, and concludes by stressing the importance of cooperation between leaders in Moscow and Washington:
nuclear crisis communications
,
nuclear risk reduction
,
Russia
June 26, 2024
Report
Pakistan: Mitigating Nuclear Risks Through Crisis Communications
This brief explores the history of crisis communications from the perspective of Pakistan, unpacks the history of nuclear crisis communications between Pakistan and India, and calls for a multilateral crisis communication mechanism in South Asia to enhance regional stability and security, noting the necessity for neutral party engagement.
nuclear crisis communications
,
nuclear risk reduction
,
Pakistan
,
South Asia
June 26, 2024
Report
Resilient Nuclear Crisis Communications: India’s Experience
This short paper examines the manner in which the existing hotlines have been used in the India-Pakistan dyad. It also identifies some challenges posed to these channels and how these need to be overcome.
India
,
nuclear crisis communications
,
nuclear risk reduction
,
Pakistan
June 26, 2024
Progress Report
,
Report
Ransomware Task Force: Doubling Down
While the U.S. government and its partners made great strides in combating ransomware in 2023, attacks have only increased. Of the 48 recommendations made in the original RTF Report, our assessment remains unchanged from a year ago: only 24 have seen significant progress.
cybersecurity
,
incident reporting
,
ransom payments
,
Ransomware
April 24, 2024
Report
Information Sharing in the Ransomware Payment Ecosystem: Exploring the Delta Between Best Practices and Existing Mechanisms
IST's latest report pulls from a recent attack scenario exercise performed by the Ransomware Task Force's Payments Working Group, comparing the results to information sharing case studies including the Hive disruption operation, the Emotet botnet takedown, and the Colonial Pipeline ransom recovery.
Colonial Pipeline
,
cybersecurity
,
Emotet
,
Hive
,
ransom payments
,
Ransomware
April 17, 2024
Previous
Page
1
Page
2
Page
3
Page
4
Page
5
Next
Search
Search
MENU
HOME PAGE
About CATALINK
CATALINK Frequently Asked Questions
The CATALINK Brief
Insights
Events
Analysis
Podcasts
Why crisis communications?
Our Team
GET IN TOUCH
Email:
[email protected]
Send us a message:
Contact
JOIN THE CATALINK MAILING LIST
First Name
Last Name
Organization
Email
Subscribe
