If anyone had asked me while I was in graduate school at Columbia University whether I would be interested in pursuing a career in cybersecurity, I would have rejected the idea outright (and likely would not have known what that would mean for a political scientist). At the time, I was working on my dissertation about proxy warfare and, specifically, why some states seem to do a better job than others at managing relationships with their nonstate partners. I was also engaged in a number of different research projects on civil wars and insurgency, military innovation, international crisis bargaining, and grand strategy. It wasn’t until I graduated in 2014 with my PhD and started my first job—directing West Point’s grand strategy program—that I became interested in research on cyber strategy and policy.
My unexpected deep dive into research at the nexus of cyberspace and international politics was a matter of fortuitous timing. Around the same time that I started my first semester as a professor at West Point was also when the U.S. Army officially stood up its newest branch, the cyber branch. Several of my active-duty colleagues in the social sciences department, where I was appointed, were considering switching branches to the newly created cyber branch, and there was a significant amount of intellectual energy among the faculty to explore the strategic, operational, and tactical implications of the cyber domain. I was especially curious about the potential implications of my dissertation research, which focused on traditional proxy relationships, for cyberspace, given some notable similarities across the two areas (like the reliance of governments on nonstate actors to achieve strategic objectives, the role of secrecy and plausible deniability, the potential risks for miscalculation and escalation, and the consequences for international stability, to name a few). I worked with a colleague on a paper about proxy relationships in cyberspace and haven’t looked back!
Since then, I’ve been fortunate to have a number of critical opportunities to broaden and deepen my expertise on cybersecurity issues. During the 2018–2019 academic year, I was an International Affairs Fellow at the Council on Foreign Relations, where I split my fellowship time between working at JPMorgan Chase on the Global Cyber Partnerships and Government strategy team and serving on the Cyber National Mission Force at U.S. Cyber Command. These roles gave me a unique vantage point to understand both the challenges and the opportunities of navigating how the government and private sector could work together to address shared threats in cyberspace, especially those that may generate systemic risks. After that, I returned to the Army Cyber Institute at West Point, where I focused on research covering a range of cybersecurity topics that impacted the army and the Department of Defense.
While at the Army Cyber Institute, I was detailed to the bipartisan U.S. Cyberspace Solarium Commission, created by Congress in the 2019 National Defense Authorization Act (NDAA) to develop a strategy and policy recommendations to defend the United States against cyber attacks of significant consequences. Serving as a senior director on the commission—which was led by fourteen commissioners from Congress, the executive branch, and private sector—afforded me yet another perspective on cyber strategy and policy. Being able to observe the tangible impact of our work—especially the inclusion of so many of the commission’s legislative proposals into the 2021 NDAA—was particularly rewarding.
Here at Carnegie, I’m excited to be taking the helm of the FinCyber project, which is focused on protecting the global financial system against cyber threats; continue work on my book about escalation dynamics in cyberspace; and build and expand on my ongoing research and policy work at the intersection of cybersecurity, emerging technology, and international politics.