Skip to content
Sign Up for Our Newsletter
About
Close About
Open About
About the Institute for Security and Technology
Our Team
Board Of Directors
Careers
Contact Us
Featured Events
Cyber Policy Awards
Critical Effect DC
Projects
Close Projects
Open Projects
AI and NC3
Pioneering action-oriented efforts to explore how advanced AI capabilities will be integrated into nuclear command, control, and communications
AI Antitrust and National Security
Exploring how to more effectively account for national security considerations in AI antitrust cases while respecting precedent, scope, and the core principles of antitrust law
AI Risk Reduction Initiative
Assessing the emerging risks and opportunities of AI foundation models and developing risk reduction strategies
AI Chip Export Control Initiative
Safeguarding U.S. national competitiveness by closing critical compliance and enforcement gaps
AI Risk Barometer
Measuring national security professionals’ perceptions of AI futures through a technically-informed survey
CATALINK
Preventing the onset or escalation of conflict by building a resilient global communications system
Energy FIRST
Powering U.S. and allied security & prosperity through a resilient energy future
Ransomware Task Force (RTF)
Combating the ransomware threat with a cross-sector approach
Religious Voices and Responsible AI
Engaging religious communities on safe and beneficial AI
SL5 Task Force
Strengthening AI security through a multistakeholder approach
UnDisruptable27
Driving more resilient lifeline critical infrastructure for our communities
All Projects
» Explore all of IST's projects, past and current
Focus Areas
Future of Digital Security
Geopolitics of Technology
Innovation and Catastrophic Risk
Events
Insights
Contact
Search
Donate
Archive
Report
Report
Public Private Partnerships to Combat Ransomware: An inquiry into three case studies and best practices
IST, in collaboration with the Global Forum on Cyber Expertise and in support of the International Counter Ransomware Initiative, examines three existing public-private partnerships to combat ransomware: Europol’s European Cybercrime Centre (EC3), the United States Joint Cyber Defense Collaborative (JCDC), and the Institute for Security and Technology’s Ransomware Task Force (RTF). What challenges did they face? What does an ideal public-private partnership look like?
CISA
,
cyber
,
EC3
,
European Cybercrime Centre
,
JCDC
,
Joint Cyber Defense Collaborative
,
PPPs
,
Public-private partnerships
,
Ransomware
March 27, 2024
Report
Unlocking U.S. Technological Competitiveness: Public-Private Misalignments in Biotechnology, Energy, and Quantum Sectors
This initial Strategic Balancing Initiative report summarizes key takeaways from Working Group discussions with stakeholders in the biotechnology, quantum, and energy industries, identifying the unique challenges that they face to improving U.S. competitiveness in each respective sector. The report then engages in a ‘deep dive’ on a key concept from each industry that, if actioned, would improve innovation and could ultimately drive U.S. competitiveness.
biotech
,
China
,
energy
,
public-private misalignments
,
quantum
,
techno-industrial competition
February 20, 2024
Report
How Does Access Impact Risk? Assessing AI Foundation Model Risk Along a Gradient of Access
Uninhibited access to powerful AI models and their components significantly increases the risk these models pose across a range of categories, as well as the ability for malicious actors to abuse AI capabilities and cause harm.
artificial inteligence
,
bias
,
capability overhang
,
compliance failure
,
foundation model
,
human out of the loop
,
LLMs
,
malicious use
,
risk-mitigation
December 13, 2023
AAR
,
Report
Strengthening Resilience in 21st Century Crisis Communications
In Strengthening Resilience in 21st Century Crisis Communications, authors Alexa Wehsener and Sylvia Mishra draw on insight from a group of high-level policymakers, diplomats, and technical experts in attendance at IST's London workshop earlier this year to examine the vulnerabilities of existing crisis communications channels and offer possible solutions.
after action report
,
CATALINK
,
diplomacy
,
nuclear
,
nuclear risk reduction
July 20, 2023
Report
Mapping Threat Actor Behavior in the Ransomware Payment Ecosystem: A Mini-Pilot
This mini-pilot overlays actual threat actor behavior on the original ransomware payment ecosystem map. It seeks to identify which kinds of disruption could be the most effective and where to apply them in the payment process.
cybersecurity
,
mini pilot
,
ransom payments
,
Ransomware
May 22, 2023
Report
Castles Built on Sand: Towards Securing the Open-Source Software Ecosystem
Castles Built on Sand advocates for a fundamental shift in the open-source software ecosystem. Taking the Log4j vulnerability as a case study, the paper seeks to understand the documentation of its development, the transparent response and mitigation efforts at each stage of the disclosure cycle, and its ongoing exploitation.
cybersecurity
,
Log4j
,
open source software
,
vulnerability management
April 17, 2023
Report
Cyber Incident Reporting Framework: Global Edition
Multiple industry groups, led by the Cyber Threat Alliance and IST, have come together to identify a set of principles and develop a model reporting format that governments worldwide could use. The Cyber Incident Reporting Framework: Global Edition answers questions about what conditions should be in place to make a reporting mandate effective and harmonizes suggested definitions with existing global regulations.
CIRCIA
,
CISA
,
cybersecurity
,
incident reporting
March 9, 2023
Report
AI-NC3 Integration in an Adversarial Context: Strategic Stability Risks and Confidence Building Measures
AI-NC3 Integration in an Adversarial Context aims to examine the strategic stability risks posed by integrating AI technologies into nuclear command, control and communications systems across the globe.
and communications
,
artificial intelligence
,
confidence-building measures
,
control
,
NC3
,
nuclear command
February 27, 2023
Report
Nuclear Crisis Communications: Mapping Risk Reduction Implementation Pathways
Nuclear Crisis Communications: Mapping Risk Reduction Implementation Pathways underscores the importance of nuclear risk reduction and the growing need for modern crisis communications and outlines two scalable pathways to integrate a crisis communications system like CATALINK.
CATALINK
,
crisis communications
,
nuclear risk reduction
,
P5
January 23, 2023
Report
Towards a Stronger Ukrainian Media Ecosystem
As Russian troops and military equipment surged on the border with Ukraine in 2021, IST used data gathered by VAST-OSINT Technologies to identify emerging narratives in Russian and Ukrainian across Ukraine’s media ecosystem. IST was able to pinpoint the origins of Russian disinformation narratives before they became mainstream and to provide timely insights to counter those narratives.
disinformation
,
media ecosystem
,
Russia
,
Ukraine
December 14, 2022
Report
To the Point of Failure: Identifying Failure Points for Crisis Communications Systems
Crisis communication systems can fail in a variety of ways. To shed light on the many different failures that degrade and undermine such systems, this report identifies four categories of pathways to failure: operational failures, adversarial failures, accidental failures and institutional failures. Each category is made up of specific types of failures, investigated in further detail in the following sections of this report.
NC3
,
nuclear crisis communications
,
nuclear risk reduction
,
points of failure
November 30, 2022
Report
Mapping the Ransomware Payment Ecosystem: A Comprehensive Visualization of the Process and Participants
Central to our ability to mitigate the threat of ransomware is the development of a common understanding of the actors, stakeholders, processes, and information, both required for and produced during the ransomware payment process. Yet, when we began this work, such a picture did not exist. We undertook this effort to fill that gap.
mapping
,
ransom payments
,
Ransomware
,
visualization
November 15, 2022
Report
Plan maestro de defensa contra los programas de secuestro
En respuesta a la acción 3.1.1 del Informe del Grupo de Trabajo sobre Programas de Secuestro, en la cual se exhorta a las organizaciones de ciberseguridad a establecer un marco claro y accionable para la mitigación, la respuesta y la recuperación ante programas de secuestro, el Grupo de Trabajo encargado de elaborar un plan de defensa contra los programas de secuestro formuló un plan maestro que abarca un subconjunto de salvaguardias esenciales de ciberhigiene seleccionadas de los controles críticos de seguridad del Centro para la Seguridad de Internet (CIS Controls®) v8.
Blueprint for Ransomware Defense
,
cyber attacks
,
defense
,
Future of Digital Security
,
Ransomware
,
RTF
November 10, 2022
Report
Cyber Incident Reporting Framework
The Framework lays out a set of model reporting formats the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for the cyber incident reporting.
CIRCIA
,
cyber
,
cybersecurity
,
incident reporting
,
Ransomware
November 3, 2022
Report
Digital Tools, Cognition, and Democracy: A Review of the Literature
This literature review supports a series examining the effects digital technologies have on the following cognitive processes: "Memory," "Attention," and "Reasoning." The broader report series includes three additional papers looking at some of the society-level cognitive and democratic impacts of technology, titled: "Modulating Trust," "Shortcutting Critical Thinking," and "Exploiting Emotions."
attention
,
cognition
,
DCDI
,
democracy
,
emotions
,
Geopolitics of Technology
,
memory
,
reasoning
,
social
October 27, 2022
Report
Reasoning: How digital technologies influence decision making and judgment
This report provides a working definition of reasoning, narrowing the scope of the discussion to judgment and decision making. We identify three aspects of digital technology that exert significant impacts on reasoning: user experience design, gamification, and search engines. Examples include social media platforms, gamified platforms like Robinhood, and search engines like Google and Wikipedia. Key findings include:
cognition
,
DCDI
,
decision making
,
democracy
,
gamification
,
Geopolitics of Technology
,
judgment
,
reasoning
,
search engines
,
user experience design
October 27, 2022
Previous
Page
1
Page
2
Page
3
Page
4
Page
5
Next
Search
Search
MENU
HOME PAGE
About
FAQ
The CATALINK Brief
Insights
Events
Analysis
Podcasts
Why crisis communications?
Our Team
GET IN TOUCH
Email:
[email protected]
Send us a message:
Contact
JOIN THE CATALINK MAILING LIST
First Name
Last Name
Organization
Email
Subscribe
