On March 14-15, the Atlantic Council held its 14th Annual Cyber 9/12 Strategy Challenge. This event gives students a chance to participate in a realistic, but hypothetical, cyber security crisis by analyzing the threat and providing recommendations on how to mitigate the crisis. Students are evaluated on written and oral policy briefs by a panel of expert judges. AU Cyber 9/12 teammates Regan Dolezal, SIS/MA ’26, and Daria Antonovska, SIS/MA ’26, provided this first-hand recap of the weekend.

This year, we were honored to represent American University at the Atlantic Council Cyber Statecraft Initiative Cyber 9/12 Challenge. As a team, we developed and presented a course of immediate and long-term actions to a mock National Security Council. Our goal was to address a ransomware attack that was launched by a Russian criminal cyber syndicate on a fictional healthcare system in rural Texas. The scenario evolved with each intelligence drop and by the semi-finals, the damage caused by the ransomware attack was compounded by a devastating EF3 tornado, damaging physical infrastructure in the impacted region. The overall experience aimed to simulate real crisis response, challenging us to work on limited and evolving information on a very tight timeline. After our team advanced to the semi-finals and took a small break, we started to work on the second written brief and strategy. This consisted of two hours for planning and two more hours to write a new brief. We managed to submit our final document by 2 a.m. and presented it the following morning.

We applied our knowledge of risk management, the cyber ecosystem, and emergency response at both domestic and international levels to help mitigate the impact on rural Texas. The scenario forced us to address pressing themes in cyberspace, including the consequences of legacy infrastructure, challenges of international attribution, and the vulnerable nexus of cybersecurity and critical infrastructure, along with many others. We presented our recommendations to the National Security Council twice—first on Friday, then again in Saturday’s semi-final round. Despite not advancing to the finals, we received an award for the “Best Policy Brief,” something we worked on for two weeks prior to the first round.

As a team, we benefited from the legal expertise of our Washington College of Law (WCL) counterparts and the strong policy foundation provided by SIS. By the end of the competition, it was clear that our range of knowledge and backgrounds allowed us to think holistically and develop an effective strategy that addressed legal and policy perspectives. Our coaches, SIS professor Joseph Walton and Christian Ohanian, senior fellow for WCL’s Tech, Law, and Security program, provided invaluable guidance and support, drawing from their experience in both the public and private sectors. We are especially grateful for their dedication, staying up late to help us with triage and planning for our final document and presentation. We were fortunate to work with a team of highly driven and energetic individuals, all inspired by the way our coaches guided and motivated us. Likewise, we owe thanks to WCL professor Melanie Teplinsky for providing us with feedback and support both before and throughout the competition.

Over these past weeks, we strengthened our teamwork and built lasting friendships. Hearing real-life stories from our coaches added depth to our experience making it even more impactful. Beyond the fun, we got a real glimpse of what awaits us after graduation—tackling real-world policy challenges and presenting to top decision-makers.

AUEagleSec Team Members: Daria Antonovska (SIS/ MA ‘26), Regan Dolezal (SIS/ MA ‘26), Benjamin Bui (WCL/JD ‘26), and Andrew Gallup (WCL/JD ‘25)

Coaches: Christian Ohanian (WCL) & Dr. Joseph Walton (SIS)