Jason Healey is a Senior Research Scholar at Columbia University’s School for International and Public Affairs specializing in cyber conflict and cyber risk. He also serves as a part-time senior cybersecurity strategist with the National Risk Management Center of the U.S. Cybersecurity and Infrastructure Security Agency. Prior to joining SIPA, he was the founding director of the Cyber Statecraft Initiative of the Atlantic Council where he remains a Senior Fellow. Healey was the editor of the first history of conflict in cyberspace, A Fierce Domain: Cyber Conflict, 1986 to 2012 and co-authored the book Cyber Security Policy Guidebook by Wiley. He is on the review board of the Black Hat and DEF CON security and hacker conferences and served on the Defense Science Board task force on cyber deterrence. A frequent speaker on these issues, he is rated as a “top-rated” speaker for the RSA Conference and won the inaugural “Best of Briefing Award” at Black Hat.
Healey’s ideas on cyber topics have been widely published in over a hundred articles and essays published by the World Economic Forum, Aspen Strategy Group, Atlantic Council, and National Research Council. A Fierce Domain was reviewed favorably in the Economist and by numerous government leaders, including both the President of Estonia and former head of the CIA and NSA. Healey is also a founding board member and former president of the Cyber Conflict Studies Association and previously was adjunct faculty at National Cryptologic School, Georgetown University, and Johns Hopkins School of Advanced International Studies. He is an affiliate at Stanford University’s Center for International Security and Arms Control.
Healey was one of the pioneers of cyber threat intelligence and has unique experience working issues of cyber conflict and security spanning twenty years across the public and private sectors. As Director for Cyber Infrastructure Protection at the White House from 2003 to 2005, he helped advise the President and coordinated US efforts to secure US cyberspace and critical infrastructure. Healey has worked twice for Goldman Sachs, first to anchor their team for responding to cyber attacks and later, as an executive director in Hong Kong to manage Asia-wide business continuity and create the bank’s regional crisis management capabilities to respond to earthquakes, tsunamis, or terrorist attacks. Immediately after the 9/11 attacks, his efforts at the Financial Services Information Sharing and Analysis Center (FS-ISAC) formed bonds between the finance sector and government that remain strong today. Healey founded that group’s work on cyber threat intelligence and continued to build the organization as its vice chair.
Starting his career in the United States Air Force, Healey earned two Meritorious Service Medals for his early work in cyber operations at Headquarters Air Force at the Pentagon and as a plankowner (founding member) of the Joint Task Force – Computer Network Defense, the world’s first joint cyber warfighting unit. Healey holds degrees from the United States Air Force Academy (1991, Political Science), Johns Hopkins University (Liberal Arts) and James Madison University (Information Security). He has been an improv comedian in Washington DC and Hong Kong.
Jason Healey et al., Cyber Security Policy Guidebook (Hoboken, NJ: Wiley, 2012).
Jason Healey, A Fierce Domain: Cyber Conflict, 1986 to 2012 (Arlington, VA: Cyber Conflict Studies Association, 2013).
Jason Healey and Klara Jordan, “Setting Priorities on Cybersecurity,” Democracy Today 40 (2016).
Jason Healey, “The Healthcare Internet of Things: Risks and Rewards,” Atlantic Council, 18 March 2015.
Jason Healey and Hannah Pitts, “Applying International Environmental Legal Norms to Cyber Statecraft,” I/S: A Journal of Law and Policy for the Information Society 8, no. 2 (2012): 356.
Jason Healey, “Claiming the Air Force’s Lost Cyber Heritage,” Strategic Studies Quarterly 6, no. 3 (2012): 11.
Jason Healey, “The Five Futures of Cyber Conflict and Cooperation,” Georgetown Journal of International Affairs, International Engagement on Cyber: Establishing International Norms and Improved Cybersecurity (2011): 110.
Jason Healey, “Four ways to address cyberconflict – and how analytics can help,” Intelligence Quarterly, a Journal of Advanced Analytics (2011).
Jason Healey, “The Spectrum of National Responsibility for Cyberattacks,” Brown Journal of World Affairs 18, no. 1 (2011): 57.
Jason Healey and Greg Rattray, “Categorizing and Understanding Offensive Cyber Capabilities and Their Use,” Proceedings of a Workshop on Deterring Cyber Attacks: Informing Strategies and Developing Options for U.S. Policy (2010).
Jason Healey, “Who’s in Control: Balance in Cyber’s Public-Private Sector Partnerships,” Georgetown Journal of International Affairs 18, no. 3 (2017): 120.
Jason Healey, “Global Implications of the US-China Cyber Relationship,” in Cybersecurity: Emerging Issues, Trends, Technologies and Threats in 2015 and Beyond, eds. Caitrίona Helena Heinl and Tan E. Guang Eugene (Singapore: S. Rajaratnam School of International Studies, 2016).
Michelle Cantos and Jason Healey, “What’s Next for Putin in Ukraine? Cyber Escalation,” in Cyber War in Perspective: Russian Aggression against Ukraine, ed. Kenneth Geers (Tallinn: NATO CCDCOE, 2015).
Jason Healey and Alexander Klimburg, “Strategic Goals & Stakeholders,” in National Cyber Security Framework Manual, ed. Alexander Klimburg, NATO Cooperative Cyber Defense Center of Excellence (2012).
Chris Evans, Jason Healey, and Greg Rattray, “American Security in the Cyber Commons,” in The Contested Commons: The Future of American Power in a Multipolar World (Washington, DC: Center for a New American Security, 2010).
Jason Healey and Eric Luiijf, “Organisational Structures and Considerations,” in National Cyber Security Framework Manual, ed. Alexander Klimburg, NATO Cooperative Cyber Defense Center of Excellence (2012).
Other Articles, Testimoney and Reports
Jason Healey, “Why the FBI will eventually reveal its iPhone hack to Apple,” Christian Science Monitor, 25 March 2016.
Jason Healey, “How NSA reorganization could squander remaining trust,” Christian Science Monitor, 4 February 2016.
Jason Healey, “Overcome by Cyber Risks? Economic Benefits and Costs of Alternate Cyber Futures,” Atlantic Council, 2015.
Jason Healey, “Poisoning the Internet won’t stop more Paris attacks,” Christian Science Monitor, 17 November 2015.
Jason Healey and Anni Piiparinen, “Did China Just Hack the International Court Adjudicating Its South China Sea Territorial Claims?” The Diplomat, 27 October 2015.
Jason Healey, “Even if flawed, cyber theft deal with China a win for Obama,” Christian Science Monitor, 25 September 2015.
Jason Healey, “Restraint is the best weapon against Chinese hacks,” Christian Science Monitor, 9 September 2015.
Jason Healey, “#CyberDeflategate and the beginning of sports hacking,” Christian Science Monitor, 19 June 2015.
Jason Healey, “Commentary: Cyber Command as a 5-Year-Old,” Defense News, 19 June 2015.
Jason Healey, “Estonia’s Democracy Goes Digital,” The National Interest, 17 March 2015.
Jason Healey, “Will 2015 be the year we shoot back in cyberspace?,” CSM Passcode, 13 March 2015.
Jason Healey, “Confidence Building Measures in Cyberspace: A Multistakeholder Approach for Stability and Security,” Atlantic Council, 4 November 2014.
Jason Healey, “The Internet: A Lawless Wild West?,” The National Interest, 11 June 2014.
Jason Healey and Dan Riordan, “Managing Internet Risks to prevent a cyber catastrophe,” Denver Post, 29 April 2014.
Jason Healey, “Beyond data breaches,” Atlantic Council Report with Zurich Insurance Group, 16 April 2014.
Jason Healey and Michael Kerner, “Surviving Cyber’s Subprime Moment,” US News and World Report, 16 April 2014.
Jason Healey, “How Emperor Alexander Militarized American Cyberspace,” Foreign Policy, 6 November 2013.
Jason Healey, “Time to split the Cyber ‘Deep State’ of NSA and Cyber Command,” Huffington Post, 2 October 2013.
Jason Healey, “Don’t Worry About Cyber Retaliation After a Syria Strike,” US News and World Report, 7 September 2013.
Jason Healey, “On China Cyber Espionage, US Should Shout But Also Listen,” Atlantic Council, 18 April 2013.
Jason Healey, “Stuxnet and the Dawn of Algorithmic Warfare,” Huffington Post, 16 April 2013.
Jason Healey, “North Korea’s Cyber Stunts Aren’t War, So Act Accordingly,” US News and World Report, 9 April 2013.
Jason Healey, “Cyberwar Isn’t An Existential Threat to the U.S.,” US News and World Report, 20 March 2013.
Jason Healey, “Obama’s Cyberwarfare Strategy Will Backfire,” US News and World Report, 8 March 2013.
Jason Healey, “How the U.S. Should Respond to Chinese Cyberespionage,” US News and World Report, 19 February 2013.
Jason Healey, “Addressing Cyber Instability,” Cyber Conflict Studies Association, 2012.
Jason Healey, “Cybersecurity Pipe Dreams,” The National Interest, 27 July 2012.
Jason Healey, “Cybersecurity Legislation Should Force US Government to Listen Less and Speak More,” The Atlantic, 15 March 2012.
Jason Healey, “Protecting Humanitarian Interests in Cyber Conflict,” Atlantic Council, 10 June 2011.
Jason Healey, “Select Foreign Response to the U.S. International Cyber Strategy,” Atlantic Council’s New Atlanticist Blog, 31 May 2011.
Jason Healey, “Bringing a Gun to a Knife Fight: Striking Back in Cyber Conflict,” Atlantic Council, 24 May 2011.
Jason Healey, “Cyber Workforce Ferris Wheel,” Atlantic Council, 3 May 2011.
Jason Healey, “America’s New Cyberspace Strategy,” Atlantic Council, 16 May 2011.
Jason Healey and Greg Rattray, “Threat and Promise of Non-State Cyber Actors,” America’s Cyber Future: Security and Prosperity in the Information Age (2011).
Jason Healey, “Breaking the Cyber-Sharing Logjam,” Atlantic Council, 1 February 2015.
Jason Healey, “Winning and Losing in Cyberspace,” 2016 8th International Conference on Cyber Conflict (2016): 37-49.