The Project on Technology and National Security focuses on technological leadership in a new kind of global conflict where innovation, investment, and ideas have become the sources of national power. The Project will lay out policies for America to compete in this new environment.
The Project has two workstreams, one on the role of AI and GPUs in global competition and a second on how to provide more effective cyber security.
Introduction
It surely is an irony of the current day that, notwithstanding the extraordinary power of the United States, it remains remarkably weak in defending its most important assets against cyber attacks
Reauthorizing CISA 2015: Securing the Future of Cyber Threat Intelligence Sharing
The real reason for a reauthorized CISA 2015 is for what it will enable over the next 10 to 15 years. As the Cybersecurity and Infrastructure Security Agency matures into a more operationally capable agency that can hunt for threats across the Federal Civilian Executive Branch (FCEB) and generate its own first-party data,
Lessons Learned from Lessons Learned: The Cyber Safety Review Board Can’t Be Voluntary
the difficulty of operating an investigative board on a voluntary basis will become all too apparent to the current administration.
Beyond Federal Boundaries: The Evolving Role of CISA, SRMAs, MSPs, and CSPs in Critical Infrastructure Cyber Risk Management
the technical—and increasingly, operational—capacity to monitor, respond, and remediate threats is rarely housed in federal or even state agencies. Instead, the practical burden has shifted outward. For key assets, MSPs and CSPs manage systems, patch vulnerabilities, and incident response.
CISA and the Civilian Face of Cybersecurity
Resilience does not begin in Washington. It begins with those closest to the risk: the state and local governments that keep water safe, schools open, and transit running; the industries that drive economic growth and operate critical infrastructure; and the individuals whose vigilance makes a difference every day.
Why We Need a Team Defense in Cyber
only one agency – CISA – has one primary, unambiguous mission: cyber defense. This clarity of purpose matters.
Framing Challenges for the Cybersecurity and Infrastructure Security Agency (CISA)
James Lewis The Cybersecurity and Infrastructure Security Agency (CISA) is the lead agency for domestic cybersecurity and critical infrastructure protection. CISA is a major improvement over its predecessors. It has achieved many of the initial goals envisioned in...
The Future of CISA – Summary
A Brief Introduction to CISA (James Lewis) CISA evolved from a fragmented agency landscape, consolidating multiple predecessor agencies (NCSD, NPPD) that struggled with unclear missions, interagency rivalries, and inadequate resources before its establishment as an...
The Future of CISA
The Future of CISA Essays on Building the Next Generation of Cyber Defense Edited by Jane Holl Lute, Rob Knake, and James Lewis Project on Technology and Security November 3, 2025 Executive Summary: Introduction (Jane Holl Lute) Persistent US Cyber Weakness and...
Rethinking the Chip Security Act
James A. Lewis, July 2025 The "Chip Security Act" hopes to bolster U.S. national security by tracking the location of advanced integrated circuits and computing hardware used for artificial intelligence. The bill seeks to protect these from diversion, theft,...