CSIS Cyber Policy Task Force

The CSIS Cyber Policy Task Force provides advice to the next U.S. administration on a comprehensive cybersecurity strategy.

CSIS began work in late 2014 with leading experts to develop recommendations on cybersecurity for the next presidential administration.  The CSIS Cyber Policy Task Force divided its work among two groups, one in Washington D.C. and the other in Silicon Valley.   Each group brought a unique and powerful perspective to the problems of cybersecurity, and their efforts form the basis of our recommendations on policies, organizational improvements, and resources needed for progress in this challenging area.

Cybersecurity is no longer a “greenfield” for policy development. Much has been done since CSIS’s first report was published in 2008 and the next administration will inherit a work in progress. Despite an exponential increase in attention to cybersecurity over the last decade, we are still at risk and there is much for the next administration to do.  This risk exists because of our reliance on technologies that are inherently vulnerable and because the enforcement of laws in cyberspace is inherently difficult, with some countries refusing to cooperate in prosecuting cybercriminals. Nations are also unwilling to constrain cyber espionage or limit the perceived benefits of military cyber operations.

The goals of our recommendations for the next administration’s cybersecurity efforts remain the same: to create a secure and stable digital environment that supports continued economic growth while protecting personal freedoms and national security. The requirements to achieve these goals also remain the same: central direction and leadership from the White House to create and implement a comprehensive and coordinated approach, since cybersecurity cuts across the mission of many different agencies. 

Documents


Cyber Policy Task Force Leadership and Members

Co-Chairs

The Honorable Senator Sheldon Whitehouse
The Honorable Representative Michael McCaul
Karen Evans (Washington)
Sameer Bhalotra (Silicon Valley)

Executive Director
James A. Lewis

Directors
Gary Belvin, Google
Davis Hake, CSIS

Senior Advisors
Harry Raduege, Deloitte

Observers
Jonah Force Hill
Franck Journoud

West Coast
Geoff Belknap, Slack
Cam Burks, Chevron
Mary Ann Davidson, Oracle
Jim Dempsey, Berkeley Center for Law and Technology
Michelle Dennedy, Cisco
Bill Jeffrey, SRI
Brian Johnson, LendingClub
Jay Kaplan, Synack
Gilman Louie, Alsop-Louie Partners
Alex Maestretti, Netflix
Kevin Mahaffey, Lookout
Diogo Monica, Docker
Iain Mulholland, VMWare
Ellen Richey, Visa

Chris Riley, Mozilla
James W. Sample, Ernst & Young
Ted Schlein, Kleiner Perkins
Nico Sell, Wickr
Raj Shah, DIUx
Nick Shevelyov, Silicon Valley Bank
Eli Sugarman, Hewlett Foundation
Derek Smith, Shape Security
Justin Somaini, SAP
Alex Stamos, Facebook
Andy Steingruebl, PayPal
Joe Sullivan, Uber
Ward Waltemath, Goldman Sachs
Brian White, RedOwl

East Coast
Dmitri Alperovitch, Crowdstrike
Mike Assante, SANS Institute
Rich Baich, Wells Fargo
Stewart Baker, Steptoe & Johnson
Richard Bejtlich, FireEye Inc.
Mike Brown, RSA
Rich Beutel, Cyrrus Analytics LLC
Steve Chabinsky, Crowdstrike
Dan Chenok, IBM Center for The Business of Government
Mark Clancy, DTCC
Mary DeRosa, Georgetown University
Margie Gilbert, Team Cymru
John Gilligan, Gilligan Group
Ryan Gillis, Palo Alto Networks
Jayne Holland, NIC, Inc.
Chris Inglis, U.S. Naval Academy
James Katavolos, CitiGroup
Suzanne Kecmer
 

Rob Knake, Council on Foreign Relations
Norma Krayem, Holland and Knight LLC
Paul Kurtz, TruSTAR
Robert Lentz, Cyber Security Strategies
Stephen Lilley, Mayer Brown LLC
Cheri McGuire, Standard Chartered
John Nagengast, AT&T
Jake Olcott, BitSight
Alan Paller, SANS Institute
Benjamin Powell, WilmerHale
Greg Rattray, JPMorgan Chase
Frank Reeder, Center for Internet Security
Paul Rosenzweig, Red Branch Consulting
David Simon, Mayer Brown LLP
Michael Sulmeyer, Harvard University Belfer Center
Bobbie Stempfley, MITRE
Amit Yoran, Tenable
Denise Zheng, CSIS