Transatlantic Cyber Forum
Cyber security and defense policies increasingly gain importance and momentum worldwide. Issues, such as the regulation of state surveillance, encryption policy and vulnerability exploitation, implications of emerging technologies, cooperation and coordination in the information security realm as well as offensive cyber operations, have implications for the domestic and international spheres alike. Those are global challenges which cannot adequately be addressed from a singular nation-state perspective. It is therefore prudent to learn from each other and develop smart and pragmatic solutions together. The United States as the global technology leader and Germany as a central stakeholder of the European Union with a distinct security and privacy culture and mindset play a major role in providing answers to those challenges.
To further research in the area of international cyber security policies and provide concrete policy recommendations, the Stiftung Neue Verantwortung (SNV) established The Transatlantic Cyber Forum (TCF) in January 2017. TCF was founded with the financial support of the Robert Bosch Stiftung and the William and Flora Hewlett Foundation. It is currently funded by the William and Flora Hewlett Foundation.
TCF is an intersectoral network and currently consists of more than 150 experts from civil society, academia and private sector working in various areas of transatlantic cyber security policy. Between 2017 and 2018 the network's focus was on government hacking, vulnerability assessment and management, securing elections and technological innovation for intelligence oversight. In 2019 and 2020 the network worked in the topic "Cybersecurity of Artificial Intelligence". The work was conducted by working groups with 30-50 experts each through online and face-to-face workshops in Berlin and Washington D.C., and through online collaboration.
Working Group: Active Cyber Defense
The 2021 expert working group led by Dr. Sven Herpig focused on "active cyber defense". This covered the definition of the term, the technical foundation of the various associated instruments, and connected the technical perspective to the policy level, as well as embeds it into strategies such as “persistent engagement”. The working group continues in January 2023 and currently consists of:
Dave | Aitel | Founder of Immunity |
Charles-Pierre | Astolfi | |
Manuel | Atug | HiSolutions |
Caroline | Baylon | AXA |
Ralf | Benzmüller | G DATA SecurityLabs |
Sneha | Dawda | Royal United Services Institute |
Lars | Fischer | University of Applied Sciences Bremerhaven |
Stefanie | Frey | Deutor Cyber Security Solutions |
Kenneth | Geers | NATO Cyber Centre |
Max | Heinemeyer | Darktrace |
Wyatt | Hoffman | Center for Security and Emerging Technology |
Frederike | Kaltheuner | New Possible |
Karsten | König | Secfault Security |
Lucie | Krahulcova | Digital Rights Watch |
Andreas | Kuehn | Observer Research Foundation America |
Joanna | Kulesza | University of Lodz |
Thomas | Lawson | AXA |
Jim | Lewis | Center for Strategic and International Studies |
Nemanja | Malisevic | Microsoft |
Louise | Marie Hurel | London School of Economics and Political Science (PhD Researcher) |
Igor | Mikolic-Torreira | Center for Security and Emerging Technology |
Greg | Nojeim | Center for Democracy and Technology |
Lukasz | Olejnik | Independent Researcher |
Alexandra | Paulus | Chemnitz University of Technology (PhD Researcher) |
Pavlina | Pavlova | Cyber Peace Institute |
Jörg | Pohle | Humboldt Institute for Internet and Society |
Johanna | Polle | Institute for Peace Research and Security Policy at the University of Hamburg (PhD Researcher) |
Thomas | Reinhold | Technical University of Darmstadt (PhD Researcher) |
Volker | Roth | FU Berlin |
Christine | Runnegar | Internet Society |
Janine | Schmoldt | University of Erfurt (PhD Researcher) |
Emma | Schroeder | Atlantic Council |
Matthias | Schulze | German Institute for International and Security Affairs |
Ari | Schwartz | Cybersecurity Coalition |
Aleksandra | Sowa | Gesellschaft für Informatik (GI), FG PET |
Nathalie | Van Raemdonck | Vrije University Brussels (PhD Researcher) |
Eric | Veith | OFFIS |
Eric | Wenger | Cisco Systems |
Working Group: International Deployment of Governmental Incident Response Teams
A second working group led by Julia Schuetze focuses in 2022 on "international deployment of governmental incident response teams". This covers the definition of what constitutes an international deployment, the possible set-up(s) of such teams, capabilities and an analysis of political and legal implications. The working group currently consists of:
Nick | Beecroft | Carnegie Cyber Policy Initiative at the Carnegie Endowment for International Peace |
Enrico | Calandro | Cybersecurity Capacity Centre for Southern Africa |
Madeline | Carr | Dept of Computer Science Faculty of Engineering Science, University College London |
Eglė | Daukšienė | Ministry of National Defence Lithuania |
Kenneth | Geers | NATO Cyber Centre |
Louise Marie | Hurel | Department of Media and Communications London School of Economics and Political Science (PhD Researcher) |
Carolin | Kemper | Deutsches Forschungsinstitut für Öffentliche Verwaltung |
Koichiro | Komiyama | JPCERT/CC |
Andreas | Kuehn | Observer Research Foundation America |
Joanna | Kulesza | University of Lodz |
Rolf | Lion | Zentrum für Cyber-Sicherheit der Bundeswehr |
Christoph | Lobmeyer | Incident Response Expert |
Christian | Marxsen | Max Planck Institute for Comparative Public Law and International Law in Heidelberg |
Christine | Runnegar | Internet Society |
Thomas | Schreck | Munich University of Applied Sciences (Professor) |
Janine | Schmoldt | Lehrstuhl für Internationale Beziehungen der Universität Erfurt |
Ivana | Stradner | American Enterprise Institute Igor Mikolic-Torreira, Center for Security and Emerging Technology (CSET) at Georgtown University |
Leonie | Tanczer | Department of Science, Technology, Engineering and Public Policy, University College London’s (UCL) |
Working Group: Government's Role in increasing IT-Security of Open-Source Software
From 2022 to 2023 this working group will work on the government's role in increasing IT-security of open-source software. It will inter alia focus on requires resources, responsible actors, possible policy instruments and aims to provide a blueprint for how government's could engage in the space. The working group currently consists of:
Charles-Pierre | Astolfi | |
Lola | Attenberger | ZEISS SMT |
Manuel | Atug | AG KRITIS |
William | Bartholomew | Microsoft |
Ralf | Benzmüller | G DATA |
Zoë | Brammer | Institute for Security + Technology |
Gregor | Bransky | |
Jack | Cable | Cybersecurity and Infrastructure Security Agency (CISA) |
Isabel | Drost-Fromm | Europace AG |
Lars | Fischer | University of Applied Sciences Bremerhaven |
Kenneth | Geers | NATO Cyber Centre |
Ernst | Härtl | digital4tress |
Antonia | Hmaidi | MERICS |
Michael | Hsieh | Center for International Security and Cooperation, University of Stanford |
Danilo | Kampe | D-Trust |
Caroline | Krohn | AG Nachhaltige Digitalisierung [Sustainable Digitisation] |
Andreas | Kühn | Observer Research Foundation America |
Thomas | Lawson | AXA Group |
Eugenia | Lostri | Lawfare Institute |
Jamie | MacColl | Royal United Services Institute |
Daniel | Moßbrucker | University of Hamburg (PhD Researcher) |
Astor | Nummelin Carlberg | OpenForum Europe |
Alexandra | Paulus | Stiftung Neue Verantwortung |
Jörg | Pohle | Humboldt Institute for Internet and Society |
Volker | Roth | Freie Universität Berlin |
Christine | Runnegar | Internet Society |
Alexander | Sander | Free Software Foundation Europe |
Janine | Schmoldt | University of Erfurt |
Stewart | Scott | Atlantic Council |
Seyffarth | Miriam | Open Source Business Alliance |
Chinmayi | Sharma | Robert Strauss Center for International Security and Law, University of Texas |
Megan | Stifel | Institute for Security + Technology |
Tara | Tarakiyee | Sovereign Tech Fund |
Frank | Termer | BITKOM |
Christopher | Weatherhead | Privacy International |
Lilith | Wittmann |
The following publications have been supported by the Transatlantic Cyber Forum:
- Policy Brief - Active Cyber Defense Operations: Assessment and Safeguards
-
Policy Brief - Securing Artificial Intelligence (Part 2) - Understanding the Security Implications of the Machine-Learning Supply Chain
-
Policy Brief - Securing Artificial Intelligence (Part 1) - The attack surface of machine learning and its implications
-
Policy Brief - Governmental Vulnerability Assessment and Management
-
Policy Brief - A Framework for Government Hacking in Criminal Investigations
-
Policy Brief - Securing Democracy in Cyberspace: An Approach to Protecting Data-Driven Elections
-
Policy Brief - Cyber Operations: Defending Political IT-Infrastructures
-
Policy Brief - Government Hacking: Computer Security vs. Investigative Powers
-
Statement - Initial Take-Away: Encryption Policy and "Government Hacking"
In addition to the publications, the TCF project team at SNV provides the expert network with short updates (called "policy debates") which identify and discuss German cyber security policy developments.
The TCF project team regularly engages in events and presentations including the Congressional Cybersecurity Caucus, the European Parliament and the German Bundestag and is cited in national and international media including leading German media outlets as well as for example the New York Times and the Washington Post.