securityandtechnology.org

# Institute for Security and Technology: Institute for Security \+ Technology

> The Institute for Security and Technology \(IST\) is the 501\(c\)\(3\) critical action think tank\. IST unites technology and policy leaders to create actionable solutions to emerging security challenges\.

Generated by Yoast SEO v27.2, this is an llms.txt file, meant for consumption by LLMs.

## Pages
- [About the Institute for Security and Technology](https://securityandtechnology.org/about-ist/): The Critical Action Think Tank
- [Contact](https://securityandtechnology.org/contact/)
- [Privacy Policy](https://securityandtechnology.org/privacy-policy/)
- [AI and Nuclear Command, Control, and Communications](https://securityandtechnology.org/ai-nc3/): Pioneering action\-oriented efforts to explore how advanced AI capabilities will be integrated into NC3 systems

- [AI Antitrust and National Security](https://securityandtechnology.org/ai-antitrust-and-national-security/): Exploring how to more effectively account for national security considerations in AI antitrust cases while respecting precedent, scope, and the core principles of antitrust law
- [AI Chip Export Control Initiative](https://securityandtechnology.org/ai-chip-export-control-initiative/): Safeguarding U\.S\. national competitiveness by closing critical compliance and enforcement gaps
- [AI Risk Reduction Initiative ](https://securityandtechnology.org/ai-risk-reduction-initiative/): Assessing the risks and opportunities of AI foundation models and developing technical and policy\-oriented risk reduction strategies
- [Combating Distributed Denial of Service Attacks](https://securityandtechnology.org/combating-distributed-denial-of-service-attacks/): Clarifying industry incentives and identifying best practices to combat threats posed by DDoS attacks
- [Generative Identity Initiative \(GII\)](https://securityandtechnology.org/generative-identity-initiative/): Exploring how GenAI will affect social cohesion and the protection of public interest
- [Our Team](https://securityandtechnology.org/our-team/): We unite technology and policy leaders to create actionable solutions to emerging security challenges
- [Ransomware Task Force \(RTF\)](https://securityandtechnology.org/ransomwaretaskforce/): Combating the ransomware threat with a cross\-sector approach
- [UnDisruptable27](https://securityandtechnology.org/undisruptable27/): Acting with Urgency to Save Lives in the Face of Unprecedented Cyber Threats

- [Future of Digital Security](https://securityandtechnology.org/future-of-digital-security/): Examining the systemic security risks of societal dependence on digital technologies\.
- [Innovation and Catastrophic Risk](https://securityandtechnology.org/innovation-and-catastrophic-risk/): Integrating novel technical expertise to increase global stability and assess emerging risks
- [The Geopolitics of Technology](https://securityandtechnology.org/democracy-and-the-geopolitics-of-tech/): Taking on the implications of technology for global politics and security, which will shape innovation, supply chains, prosperity, and national and international security\.
- [Analysis](https://securityandtechnology.org/analysis/): Explore our research
- [Events](https://securityandtechnology.org/events/): View the Institute for Security and Technology's upcoming and past events\. 

## Annual Reports
- [2025](https://securityandtechnology.org/annual-report/2025/)
- [2024](https://securityandtechnology.org/annual-report/2024/)
- [2023](https://securityandtechnology.org/annual-report/2023/)
- [2022](https://securityandtechnology.org/annual-report/2022/)

## Blogs
- [Managing Misuse Risk for Dual\-Use Foundation Models: IST Submits Comments to a NIST Request for Information ](https://securityandtechnology.org/blog/managing-misuse-ist-submits-comments/): Last week, Institute for Security and Technology \(IST\) submitted a response to NIST's Request for Comments on the U\.S\. Artificial Intelligence Safety Institute's draft guidelines for identifying and mitigating the risks to public safety and national security present across the AI lifecycle\.
- [Active Defense, the Congressional Agenda, Teen Hackers, and Critical Infrastructure Resilience: IST at RSA](https://securityandtechnology.org/blog/ist-at-rsa-26/): IST will once again join the global community of cyber experts in convening in San Francisco for RSAC this March\! From active defense, to the congressional agenda, to stopping teen hackers, the IST team and adjuncts will tackle complex issues across sectors\. 
- [The Fight Comes to Our Shores: Breaking Down the Cyber Attack on Stryker](https://securityandtechnology.org/blog/the-fight-comes-to-our-shores/): On March 11, a pro\-Iran regime hacking group wiped the devices of U\.S\. medical device manufacturer Stryker, marking the first cyber attack on domestic soil in the war in Iran\. IST convened a pop\-up webinar with friends and adjuncts to break down the attack, consider its implications, and answer pressing questions from the community\.
- [Meet the Religious Voices and Responsible AI Steering Committee](https://securityandtechnology.org/blog/meet-the-religious-voices-and-responsible-ai-steering-committee/): Thirteen computer science, philosophy, theology, and public policy experts have joined IST and AI and Faith to provide strategic guidance on the Religious Voices and Responsible AI initiative\.
- [Who Sets the Rules? The Imminent GDPR\-ification of Product Cybersecurity](https://securityandtechnology.org/blog/who-sets-the-rules-the-imminent-gdpr-ification-of-product-cybersecurity/): Just as Europe set the global standard for data privacy with the GDPR—without U\.S\. input—other jurisdictions worldwide are poised to do the same for product cybersecurity, and the window for American policymakers to act is closing fast\.

## Events
- [Critical Effect DC 2025](https://securityandtechnology.org/event/critical-effect-dc-2025/): The next evolution of Hack the Capitol, Critical Effect DC is a two\-day, annual critical infrastructure\-focused conference connecting policymakers, members of civil society and academia, and OT/ICS stakeholders\. Presented by ICS Village, in partnership with the Institute for Security and Technology, Crowell LLP, and the National Security Institute, this year’s event prioritized timely, solution\-driven content with a sense of urgency, focusing on initiatives that can be implemented in the next two years\.
- [Securing Our Autonomy: How AI Fuels Cognitive Warfare \- and How We Can Fight Back](https://securityandtechnology.org/event/securing-our-autonomy-how-ai-fuels-cognitive-warfare-and-how-we-can-fight-back/): In a side event at the SCSP AI Expo, experts on the front lines of policy, industry, and neuroscience unpacked how AI is being weaponized for psychological and influence operations — and how we can build resilience across society\. 
- [The Fight Comes to Our Shores: Breaking Down the Cyber Attack on Stryker](https://securityandtechnology.org/event/the-fight-comes-to-our-shores-breaking-down-the-cyber-attack-on-stryker/): What do we know about what happened, and who carried out this destructive attack? What are the potential motivations behind the targeting? How does it compare to past cyber operations? And how should policymakers and critical infrastructure operators respond?
- [Improving Nuclear Hotlines: Experts Speak](https://securityandtechnology.org/event/improving-nuclear-hotlines-experts-speak/): Should multilateral crisis communications systems be used before, during, or after a crisis? How would nuclear\-armed states benefit most from such a system? What challenges stand between theory and implementation?
- [Reinvigorating Crisis Communications in an Era of Emerging Technologies](https://securityandtechnology.org/event/reinvigorating-crisis-communications-in-an-era-of-emerging-technologies/): In February 2026, IST’s CATALINK Initiative hosted a workshop in Geneva to connect with stakeholders on reinvigorating nuclear crisis communications in a new era of emerging technologies\.

## People
- [Dominic Rizzo](https://securityandtechnology.org/person/dominic-rizzo/)
- [Taylor Roberts](https://securityandtechnology.org/person/taylor-roberts/)
- [Brian Abeyta](https://securityandtechnology.org/person/brian-abeyta/)
- [Jason Kikta](https://securityandtechnology.org/person/jason-kikta/)
- [Christopher Plummer](https://securityandtechnology.org/person/christopher-plummer/)

## Podcasts
- [Episode 51: Cyber\-Informed Engineering: Moving Beyond the Firewall](https://securityandtechnology.org/podcast/episode-51/): For the last episode of season 5, host Bryson Bort sat down with Andrew Ohrt, Resilience Director at West Yost Associates to walk through the "invisible" nature of water systems, the impact of data centers on utility resilience, and how Cyber\-Informed Engineering protects our most essential resource\.
- [Episode 50: Systems Engineering for Survival: A Physician's Guide to Emergency Management](https://securityandtechnology.org/podcast/episode-50/): Our host Bryson Bort welcomes Dr\. Natalie Sullivan, Medical Director of the Emergency Response Medical Group and an emergency medicine physician at a D\.C\. area hospital\. Trained in EMS and disaster and operational medicine, Natalie turned her attention to the critical intersection of clinical medicine, patient safety, and cybersecurity resilience after experiencing a prolonged ransomware attack on a major hospital\.
- [Episode 49: Bridging the IT/OT Divide in Oil and Gas](https://securityandtechnology.org/podcast/episode-49/): Bryson Bort is joined by Dd Budiharto, Microsoft’s Customer Security Officer for the Oil, Gas, and Energy sectors, as she shares her experience bridging the IT/OT divide in the energy sector\.
- [Episode 48: AI and the Future of Maritime Cybersecurity](https://securityandtechnology.org/podcast/episode-48/): In a new episode of the ICS Village and IST podcast Hack the Plan\[e\]t, retired maritime cybersecurity professor Gary Kessler joins Bryson Bort to walk us through the ins and outs of cybersecurity at sea, automated identification systems, and AI’s current and future role in maritime operations\. What is AIS spoofing, and why is it dangerous? What are the unique challenges posed by cybersecurity at sea? Is the maritime industry ready for artificial intelligence integrations? 
- [Why Venture Capital is Indispensable for U\.S\. Industrial Strategy](https://securityandtechnology.org/podcast/technologist-talks-why-venture-capital-is-indispensable-for-u-s-industrial-strategy/): In the first episode of the TechnologIST Talks series “The Strategic Edge in Techno\-Industrial Competition,” Michael Brown and Pavneet Singh join IST Chief Executive Officer Philip Reiner for a conversation on their plan for harnessing the power of venture capital\.

## Resources
- [Comparative Analysis of National and Regional Product Cybersecurity Frameworks](https://securityandtechnology.org/virtual-library/report/comparative-analysis-of-product-cybersecurity/): Author Taylor Roberts presents a structured, data\-driven analysis of product cybersecurity frameworks across multiple jurisdictions for policymakers\. 
- [Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense](https://securityandtechnology.org/virtual-library/op-ed/imminent-national-cyber-strategy-may-lean-on-offense-at-the-expense-of-defense/): The Trump administration’s National Cyber Strategy is imminent\. Will it, as rumors suggest, prioritize cyber offense over defense in order to shape adversary behavior? In a new Claroty Nexus op\-ed, IST Chief Strategy Officer Megan Stifel breaks down the history of U\.S\. cyber strategy and the potential drawbacks of an offense\-first approach\.
- [CVE at a Crossroads: A Blueprint for the Next 25 Years](https://securityandtechnology.org/virtual-library/report/cve-at-a-crossroads/): The Common Vulnerabilities and Exposures \(CVE\) Program is a critical public good, yet it is at a crossroads\. Established by MITRE with support from the U\.S\. government, the index of software vulnerability identifiers has been a core element of software security since 1999\. But recent funding issues have laid bare fundamental challenges, and without action, the vulnerability identification landscape will fragment\. This report provides recommendations for global policymakers on how to reimagine the CVE Program for the next 25 years\. 
- [Cybersecurity Considerations for Universal Service Fund Reform](https://securityandtechnology.org/virtual-library/primer/cybersecurity-considerations-for-universal-service-fund-reform/): As the speed, scope, and impact of cyber threats to K\-12 schools continues to increase, Congress has expressed a clear desire to reinvigorate the Universal Service Fund \(USF\) through legislation\. IST SVP for Policy Nicholas Leiserson explores how USF funding, through the FCC's E\-Rate Program, could bolster cybersecurity resources for K\-12 schools\.
- [A Changing Export Control Landscape: H200 Exports, Remote Access Rules, and What Comes Next](https://securityandtechnology.org/virtual-library/primer/a-changing-export-control-landscape/): January 2026 was, in many ways, an inflection point for export controls\. From the resumption of Nvidia H200 sales to China to congressional discussion on restricting remote cloud access, IST's AI Chip Export Control Initiative team unpacks what these developments mean for the future\.

## Event Types
- [Virtual Webinar](https://securityandtechnology.org/event-type/virtual-webinar/)
- [All\-Day Event](https://securityandtechnology.org/event-type/all-day-event/)
- [Side Event](https://securityandtechnology.org/event-type/side-event/)
- [AMA](https://securityandtechnology.org/event-type/ama/)
- [Cyber Policy Awards](https://securityandtechnology.org/event-type/cyber-policy-awards/)

## Pillars \& Projects
- [Future of Digital Security](https://securityandtechnology.org/pillar_project/future-of-digital-security/)
- [Innovation and Catastrophic Risk](https://securityandtechnology.org/pillar_project/innovation-and-catastrophic-risk/)
- [The Ransomware Task Force \(RTF\)](https://securityandtechnology.org/pillar_project/future-of-digital-security/the-ransomware-task-force-rtf/)
- [CATALINK](https://securityandtechnology.org/pillar_project/innovation-and-catastrophic-risk/catalink/)
- [The Geopolitics of Technology](https://securityandtechnology.org/pillar_project/the-geopolitics-of-technology/)

## Resource Types
- [Report](https://securityandtechnology.org/resource_type/report/)
- [In the News](https://securityandtechnology.org/resource_type/in-the-news/)
- [Op\-ed](https://securityandtechnology.org/resource_type/op-ed/)
- [AAR](https://securityandtechnology.org/resource_type/aar/)
- [Podcast](https://securityandtechnology.org/resource_type/podcast/)

## Sources
- [IST publications](https://securityandtechnology.org/resource_source/ist-publications/)
- [External publications](https://securityandtechnology.org/resource_source/external-publications/)

## Teams
- [Team](https://securityandtechnology.org/team/our-team/)
- [Adjunct Advisors](https://securityandtechnology.org/team/adjunct-senior-advisors/)
- [CATALINK Technical and Policy Advisors](https://securityandtechnology.org/team/initial-technical-and-policy-advisors-catalink/)
- [IST Future of Digital Security Experts](https://securityandtechnology.org/team/future-of-digital-security/)
- [Cyber Policy Awards Judges](https://securityandtechnology.org/team/cyber-policy-awards-judges/)

## Topics
- [cybersecurity](https://securityandtechnology.org/resource_topic/cybersecurity/)
- [Ransomware](https://securityandtechnology.org/resource_topic/ransomware/)
- [NC3](https://securityandtechnology.org/resource_topic/nc3/)
- [artificial intelligence](https://securityandtechnology.org/resource_topic/artificial-intelligence/)
- [critical infrastructure](https://securityandtechnology.org/resource_topic/critical-infrastructure/)

## Years
- [2022](https://securityandtechnology.org/resource_year/2022/)
- [2019](https://securityandtechnology.org/resource_year/2019/)
- [2025](https://securityandtechnology.org/resource_year/2025/)
- [2024](https://securityandtechnology.org/resource_year/2024/)
- [2020](https://securityandtechnology.org/resource_year/2020/)

## Optional
- [Sitemap index](https://securityandtechnology.org/sitemap_index.xml)