Research and Projects
Addressing Systemic Cyber Issues
Research that shapes conversations, strategies, and policies
Project on Cyber Risks to Financial Stability
The Project on Cyber Risk to Financial Stability, led jointly by the Program on the Future Cyber Risks and the Initiative on Central Banking and Financial Policy has worked to foster dialogue between experts in academia, industry, and government at the intersection of cybersecurity and financial stability to strengthen resilience in the financial industry.
The project's first paper, "The Future of Financial Stability and Cyber Risk", provides a general review of cyber risk to financial stability, contains a primer on financial stability and cyber risks, and highlights how cyber risks are different from other systemic financial risks. It also summarizes previous reports and efforts of policymakers and industry addressing these issues.
The second paper, "The Ties That Bind: A Framework to Assess the Linkage Between Cyber Risks and Financial Stability", developed a unique framework to assist analysts trying to assess how specific cyber risks might affect financial stability.
The third paper, "An Atlas of Data Sources on Cyber Risk: Understanding Cyber Impact on Financial Stability" creates an atlas using existing data and information systems that can be used to gain a holistic understanding of how current cyber threat levels can impact financial stability.
Russia-Ukraine Cyber Conflict Tracker
Tracking malicious cyber operations in the Russo-Ukraine war
In partnership with the Army Cyber Institute, the Russia-Ukraine Cyber Conflict Tracker monitors and analyzes malicious cyber activity related to the 2022 Russian invasion of Ukraine.
What is the role of cyber operations in modern warfare?
This project, led by Erica Lonergan, aims to provide an empirical basis to evaluate the evolving nature of cyber conflict in a warfighting context. This project continuously tracks the cyber landscape in the context of Russia’s 2022 invasion of Ukraine, enabling researchers to gain insights into patterns of cyber incidents in the context of this conflict. Our project focuses on collecting data to help identify and explore potential relationships between activities in cyberspace and the broader dynamics of the conflict.
It does so with several objectives:
- Tracking Cyber Operations: Building a database of cyber operations throughout the conflict by country involved in the conflict.
- Understanding Correlation: Providing a holistic insight into how cyber operations impact and are impacted by the ongoing military activities.
- Analyzing Malicious Activities: Assessing variation in the nature of cyber incidents by type, targets, and ultimate outcomes.
Further Research
Past Federal cyber efforts have failed because there has never been a simple, unifying strategy. Just as the Cold War strategy was simple (containment), as was the Army’s COIN strategy (roughly, to win hearts and minds), the US cyber strategy should be to get defense the advantage over offense.
A unique dataset of over 100 cases of defensive operational disruption over the last 30 years, from 1987 until 2020. The underlying paper by Healey, Jenkins and Work also provides a framework for categorizing disruption operations and their effects – along with detailed descriptions for several of these case studies coded to the framework – so that researchers and practitioners can measure their impact using a common terminology.
A team of SIPA students and alumni worked with SIPA Senior Research Scholar John Batelle to develop an interactive visualization that helps users understand how large technology companies collect, use, and share user information across the internet.
A Fragmented Internet? collects the proceedings of the 2017 edition of the Global Digital Futures Forum including background papers from experts covering the effect of fragmentation upon global governance, international trade, trust and assurance, global platforms and international development, cyber conflict and democracy, the digital economy, and financial systemic risk.
In November 2016, Jason Healey published a report based on research conducted over the past six months with a class of graduate students on how the U.S. Government manages vulnerabilities through the Vulnerability Equities Process.
In November 2016, Laura DeNardis, Gordon Goldstein and David A. Gross published a working paper presenting the historical perspective of internet governance as a conflict between two incommensurable visions for the internet.
This academic work was undertaken with the vital support of the Carnegie Corporation of New York as part of SIPA’s Tech & Policy Initiative, an ambitious effort to explore the intersection of the digital world and SIPA’s core fields of study.
This academic work was undertaken with the vital support of the Carnegie Corporation of New York as part of SIPA’s Tech & Policy Initiative, an ambitious effort to explore the intersection of the digital world and SIPA’s core fields of study.