NEWS & EVENTS
CSIS Cyber Leaders Series: How Can Ukraine Win the Cyber War? A Conversation with Dr. Greg Rattray
What is it like to simultaneously fight a cyber war and a shooting war? How does Russia fight in the cyber domain, and how was Ukraine so resilient? What lessons can the United States and allies learn from that resilience? Next Peak’s Greg Rattray joins CSIS host, Emily Harding, to speak on lessons learned from the Cyber Defense Assistance Collaborative.
Next Peak’s Intelligent Cyber Research offers new Geo Cyber Risk Index
Next Peak’s Intelligent Cyber Research (ICR), inspired by co-founder Greg Rattray’s vision to merge geopolitical intelligence with cyber insight, is ready to empower organizations to make informed, forward-looking decisions. On September 19, 2025 Next Peak officially launched ICR, announcing a series of offerings designed to help global organizations secure against geopolitical cyber risks and uplift their strategic thinking.
Case Study of Cyber-Resilience in Wartime: Lessons from Ukraine’s Energy Sector
On January 25th, 2024, a major Distributed Denial-of-Service (DDoS) attack temporarily disabled the digital infrastructure of Naftogaz Group, Ukraine’s largest state-owned energy company. On the same day, an attack took other major companies offline—including the national postal service provider Ukrposhta, transport safety agency DSBT, and Ukrainian state railway Ukrazaliznytsia. Nevertheless, Ukrainian companies were able to restore access to their digital infrastructure rapidly, reaching full access within a few days.
The Neglected Security Gaps in the Global Race for Sovereign AI
| Written By Seungmin (Helen) Lee for World Politics Review |
In recent years, artificial intelligence has emerged as the most significant driver of global data center demand. Four tech giants—Amazon Web Services, Google, Meta and Microsoft—currently control 42 percent of U.S. data center capacity, and these companies spent $155 billion on AI infrastructure in the first half of 2025.
Next Peak Launches “Intelligent Cyber Research”
For the last decade, Next Peak co-founder Greg Rattray has been developing an idea around his passion for the intersection of geopolitics and cyber. Today, as geopolitical risks are increasing from emerging wars, domestic extremism, and erosion of global institutions, Next Peak officially launches a new branch: Intelligent Cyber Research (ICR)—finally bringing Greg’s idea into fruition.
Securing the Backbone of Artificial Intelligence: Protecting Data Centers
| By Seungmin (Helen) Lee | With the explosion in demand for artificial intelligence (AI) data centers to support the exponential integration of AI into businesses, operations, governments, and daily lives, the cybersecurity of AI data centers is becoming increasingly important. Given that AI data centers host AI models, weights, and training data, these centers face an expanded set of threats—particularly related to hardware, model, and geopolitical security. This report recommends a new framework to develop more cyber-secure AI data centers.
BLOG & PUBLICATIONS
US-Japan Cyber Cooperation: Meeting Challenges & Operationalizing Opportunities
| Written By Gregory Rattray and Seungmin (Helen) Lee | With the issuance of its 2022 National Security Strategy (NSS), Japan recognized cybersecurity as an area of priority concern. The process of implementing the NSS activities provides a unique opportunity for increased US-Japan cyber cooperation. Historically, positive diplomatic declarations of collaboration have occurred along with technical coordination within the computer emergency and response team (CERT) community. Yet, limitations exist in operationalizing the partnership at the national security level.
Driving Tangible Resilience Improvements
| By Gregory Rattray, Rico Brandenburg, and Matthew Gruber | The success of the resilience program hinges on getting front-line (business and support functions) buy-in, as the front line owns the delivery of the service. One of the biggest
challenges with traditional business continuity is that business continuity activities (for example, business impact analysis, business continuity planning) have not received the time and attention they deserve.
Stress Testing in a World of Compound Risks and Polycrises
Stress testing has become a tool of choice in banking for risk managers and regulators alike, and it is used more widely as a way to assess resilience to severely adverse events. Yet even the most creative risk manager would have been challenged to design a scenario that would have adequately captured the plethora of shocks that manifested from early 2020 to the present (April 2023). We make use of the polycrisis concept to motivate a rethinking of stress test design.
The Cyber Defense Assistance: Imperative Lessons from Ukraine
| Written By Gregory Rattray, Geoff Brown, and Robert Taj Moore | Russia’s further invasion of Ukraine in February 2022 was a watershed moment. Governments, citizens, and companies faced a choice—they could support Ukraine in its fight to defend its independence or they could sit back while Russia destroyed the post-war order that has stood since 1945. On an unprecedented scale, a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country.
Multilateral Cyber Action Committee (MCAC) led by Next Peak’s Greg Rattray, Releases Joint Statement
Greg Rattray, Executive Director, and Ian Pelekis, Senior Cyber Risk Analyst at Next Peak helped form and drive the activities Multilateral Cyber Action Committee (MCAC).
CDAC Featured on “Click Here” Podcast Episode: “Rounding up a cyber posse for Ukraine”
They call themselves the Cyber Defense Assistance Collaboration (CDAC), and it is the brainchild of Greg Rattray, a former chief information security officer at JP Morgan Chase. For months, he has been helping build a kind of public-private partnership to combat destructive cyberattacks. This is the first time he’s speaking in depth about the initiative publicly.
BLOG & PUBLICATIONS
US-Japan Cyber Cooperation: Meeting Challenges & Operationalizing Opportunities
| Written By Gregory Rattray and Seungmin (Helen) Lee | With the issuance of its 2022 National Security Strategy (NSS), Japan recognized cybersecurity as an area of priority concern. The process of implementing the NSS activities provides a unique opportunity for increased US-Japan cyber cooperation. Historically, positive diplomatic declarations of collaboration have occurred along with technical coordination within the computer emergency and response team (CERT) community. Yet, limitations exist in operationalizing the partnership at the national security level.
Driving Tangible Resilience Improvements
| By Gregory Rattray, Rico Brandenburg, and Matthew Gruber | The success of the resilience program hinges on getting front-line (business and support functions) buy-in, as the front line owns the delivery of the service. One of the biggest
challenges with traditional business continuity is that business continuity activities (for example, business impact analysis, business continuity planning) have not received the time and attention they deserve.
Stress Testing in a World of Compound Risks and Polycrises
Stress testing has become a tool of choice in banking for risk managers and regulators alike, and it is used more widely as a way to assess resilience to severely adverse events. Yet even the most creative risk manager would have been challenged to design a scenario that would have adequately captured the plethora of shocks that manifested from early 2020 to the present (April 2023). We make use of the polycrisis concept to motivate a rethinking of stress test design.
The Cyber Defense Assistance: Imperative Lessons from Ukraine
| Written By Gregory Rattray, Geoff Brown, and Robert Taj Moore | Russia’s further invasion of Ukraine in February 2022 was a watershed moment. Governments, citizens, and companies faced a choice—they could support Ukraine in its fight to defend its independence or they could sit back while Russia destroyed the post-war order that has stood since 1945. On an unprecedented scale, a major nation-state had engaged in coordinated, convergent digital and physical attacks in an effort to conquer a neighboring country.
Multilateral Cyber Action Committee (MCAC) led by Next Peak’s Greg Rattray, Releases Joint Statement
Greg Rattray, Executive Director, and Ian Pelekis, Senior Cyber Risk Analyst at Next Peak helped form and drive the activities Multilateral Cyber Action Committee (MCAC).
CDAC Featured on “Click Here” Podcast Episode: “Rounding up a cyber posse for Ukraine”
They call themselves the Cyber Defense Assistance Collaboration (CDAC), and it is the brainchild of Greg Rattray, a former chief information security officer at JP Morgan Chase. For months, he has been helping build a kind of public-private partnership to combat destructive cyberattacks. This is the first time he’s speaking in depth about the initiative publicly.