Focus Area
Transatlantic Cyber Forum
In January 2017, SNV founded the "Transatlantic Cyber Forum" (TCF). The TCF is an intersectoral, transatlantic cybersecurity expert network with 150 members from civil society, academia, industry, and governments. The TCF constitutes working groups on current issues of transatlantic cybersecurity policy, which aim to develop concrete policy recommendations within a time frame of eleven months.
TCF is an intersectoral network and currently consists of more than 150 experts from civil society, academia, industry, and government agencies working in various areas of transatlantic and international cyber security policy.
The following was previously the focus (in chronological order):
-
Use of surveillance software by law enforcement agencies
-
Government disclosure decision processes
-
Securing elections
-
Technological innovation for intelligence surveillance control
-
Securing machine learning applications
-
Protection of the machine learning supply chain
-
Government's role in securing Open-Source Software
-
Cybersecurity support deployment
-
Responsible active cyber defense operations
-
Responsible vulnerability disclosure and mitigation sharing
The work was conducted by working groups with 30-50 experts each through online and face-to-face workshops in Berlin and Washington D.C., and through online collaboration.
Working Group: Responsible Vulnerability Disclosure and Mitigation Sharing
In 2024, the TCF Network focuses on the topic of "Responsible Vulnerability Disclosure and Mitigation Sharing" to present concrete implementation recommendations for "Norm (j)" of the UN norms of responsible state behavior in cyberspace. This project is made possible by the generous support of the German Federal Foreign Office. The working group currently consists of:
Charles-Pierre |
Astolfi |
|
Manuel |
Atug |
HiSolutions |
Christoph |
Bausewein |
Crowdstrike |
Ralf |
Benzmüller |
G DATA Cyberdefense AG |
Gregor |
Bransky |
Innovationsverbund Öffentliche Gesundheit e.V. |
Jack |
Cable |
U.S. Cybersecurity and Infrastructure Security Agency (CISA) |
Betsi |
Cooper |
Aspen Tech Policy Hub |
Alan |
Duric |
|
Lars |
Fischer |
University of Applied Sciences Bremerhaven |
Kenneth |
Geers |
Atlantic Council |
Max |
Heinemeyer |
Darktrace |
Yorck |
Hesselbarth |
London School of Economics |
Thorsten |
Holz |
CISPA Helmholtz Center for Information Security |
Carolin |
Kemper |
Deutsches Forschungsinstitut für öffentliche Verwaltung |
Adam I. |
Klein |
Robert Strauss Center for International Security & Law, University of Texas Law School |
Andreas |
Kuehn |
ORF America |
Susan |
Landau |
Tufts University |
Klaus |
Landefeld |
eco - Verband der Internetwirtschaft |
Thomas |
Lawson |
AXA |
Andreas |
Lehner |
DCSO |
Lisa |
Lobmeyer |
HiSolutions AG |
Eugenia |
Lostri |
Lawfare Institute |
Igor |
Mikolic-Torreira |
Center for Security and Emerging Technology (CSET) at Georgtown University |
Greg |
Nojeim |
Center for Democracy & Technology |
Lukasz |
Olejnik |
Independant Researcher and Consultant |
Alexandra |
Paulus |
|
Pavlina |
Pavlova |
Cyber Peace Institute |
Riana |
Pferfferkorn |
Stanford Internet Observatory |
Jörg |
Pohle |
Alexander von Humboldt Institute for Internet and Society |
Rainer |
Rehak |
Weizenbaum Institute for the Networked Society |
Thomas |
Reinhold |
TU Darmstadt |
Christine |
Runnegar |
Internet Society |
Gudio |
Schulte |
German Armed Forces |
Ari |
Schwartz |
Venable |
Chinmayi |
Sharma |
Rober Strauss Center for International Security and Law, University of Texas |
Aleksandra |
Sowa |
Gesellschaft für Informatik (GI), FG PET |
Rob |
Spiger |
Microsoft |
Megan |
Stifel |
Institute for Security and Technology |
Tara |
Tarakiyee |
Sovereign Tech Fund |
Tassilo |
Thieme |
Federal Office for Information Security |
Eric |
Veith |
Carl von Ossietzky University Oldenburg |
Julian-Ferdinand |
Vögele |
Recorded Future |
Eric |
Wenger |
Cisco |
Tarah |
Wheeler |
Red Queen Dynamics |
JD |
Work |
National Defense University & Columbia University |
Paul |
Zenker |
NSIDE ATTACK LOGIC GmbH |
The following publications have been supported by the Transatlantic Cyber Forum:
-
Policy Brief – Vulnerability Disclosure: Guiding Governments from Norm to Action
-
Policy Brief - Active Cyber Defense: Toward Operational Norms
-
Policy Brief - Cybersecurity Support Deployments: An Emerging Cooperative Approach
-
Policy Brief - Active Cyber Defense Operations: Assessment and Safeguards
-
Policy Brief - Securing Artificial Intelligence (Part 2) - Understanding the Security Implications of the Machine-Learning Supply Chain
-
Policy Brief - Governmental Vulnerability Assessment and Management
-
Policy Brief - A Framework for Government Hacking in Criminal Investigations
-
Policy Brief - Securing Democracy in Cyberspace: An Approach to Protecting Data-Driven Elections
-
Policy Brief - Cyber Operations: Defending Political IT-Infrastructures
-
Policy Brief - Government Hacking: Computer Security vs. Investigative Powers
-
Statement - Initial Take-Away: Encryption Policy and "Government Hacking"
The TCF project team regularly engages in events and presentations including the Congressional Cybersecurity Caucus, the European Parliament and the German Bundestag and is cited in national and international media including leading German media outlets as well as for example the New York Times and the Washington Post.
Publications on this focus area
Policy Brief
Active Cyber Defense
Toward Operational Norms
Dr. Sven Herpig
November 21, 2023
Policy Brief
Cybersecurity Support Deployments: An emerging cooperative approach
Eglė Daukšienė, Julia Schuetze
June 15, 2023
Policy Brief
Fostering Open Source Software Security
Blueprint for a Government Cybersecurity Open Source Program Office
Dr. Sven Herpig
May 31, 2023