In the modern era, there is great convergence in the technologies used by friendly nations and by hostile ones. Signals intelligence agencies find themselves penetrating the technologies that they also at times must protect. To ease this tension, the United States and its partners have relied on an approach sometimes called Nobody But Us, or NOBUS: target communications mechanisms using unique methods accessible only to the United States. This paper examines how the NOBUS approach works, its limits, and the challenging matter of what comes next.

Few areas of national policymaking will remain untouched by artificial intelligence. Though the challenges it poses are complex, the opportunities it offers are tremendous. Simply put, machine learning is too important to ignore.

In a drumbeat of news stories and corporate press releases, one phrase has dramatically grown in use over the last decade: “sophisticated cyber attack.” These words have been used to describe specific intrusions into telecommunication providers, insurance companies, social media hubs, banks, the Pentagon, a host of security firms, government agencies, research labs, movie studios, and much more. It seems the world is awash in sophisticated network intrusions. 

But if everything is sophisticated, nothing is. This paper unpacks “sophistication” in cyber operations, exploring what it means, and what it should mean, for an operation to attain such a status. It examines the incentives for victims and observers to overstate the sophistication of other actors. Additionally, it offers a more rigorous framework for defining the term that takes into account technical and operational factors. But deploying the lens of sophistication by itself can be misleading; this paper also explores the incentives some actors have to deploy less sophisticated capabilities. 
 

Russian cyber operations against the United States aim to both collect information and develop offensive capabilities against future targets. Washington must strengthen its defenses in response.

This paper addresses a growing concern to one of the most fundamental components of our democracy: how cybersecurity risks can influence the integrity of our elections.

Encryption's new normal is changing the way in which states assert their sovereignty at home and abroad. Cryptography has gone mainstream. Now more than ever, encryption is used by ordinary citizens, often without their knowledge, and is a subject of national debate.