McCrary Institute for Cyber & Critical Infrastructure Security

Harnessing America’s cyber experts to safeguard our nation.


Auburn University’s McCrary Institute for Cyber and Critical Infrastructure Security seeks practical solutions to real-world problems, underpinned by research and scholarship. Founded in 2015 through a generous donation from the Alabama Power Foundation in honor of its retiring CEO and Auburn alumnus Charles D. McCrary, the Institute fuses theory with practice, and policy with technology, to protect and advance U.S. interests in the areas of cyber and critical infrastructure security.

The McCrary Institute is a nonpartisan think tank located at Auburn University, and is the leading group of public/private sector cyber experts providing unique end-to-end cyber capabilities from R&D, cybersecurity education/training, policy-relevant analysis, to future technology research.

As a top-tier research university, designated a Carnegie R1 institution, over 200 of Auburn’s on-campus faculty members conduct defense, cyber, and homeland security research for the Department of Defense, NASA, and other federal agencies.

Cyber Focus Podcast

Tim Starks is a senior reporter at CyberScoop with over two decades of experience in cyber reporting. In this episode he dives into the landscape of spyware, highlighting its impact on national security and individual privacy. The discussion with Frank Cilluffo also touches on the actions taken by the U.S. and Poland to address spyware threats, the significance of BGP (Border Gateway Protocol) in internet security, and the regulatory approaches to cybersecurity. Tim provides insights into the complexities of cyber threats, the role of policy, and the importance of a comprehensive understanding of cybersecurity issues.

Main Topics: 

  • Spyware's Impact on the Digital World
  • BGP and Internet Security
  • Regulatory Approaches to Cybersecurity

Key Quotes:

"The arc of the spyware story has been we're hearing more and more and more. We're seeing more and more and more. We're we're uncovering more and more. " - Tim Stark

[BGP] is the most important part of the Internet you haven't heard of. It's fundamental to everything." - Tim Starks

"The SEC's rules on cybersecurity disclosure have been...the most controversial. If you're talking about people being upset about them. There's bipartisan on the Hill disappointment or frustration or even rage sometimes about that, about those rules." - Tim Starks

Guest Bio: Tim Starks is a senior reporter at CyberScoop with over 20 years of experience in cyber reporting. He has previously worked at Washington Post, Politico, and Congressional Quarterly, covering a wide range of cybersecurity topics. Tim's expertise lies in investigating and reporting on complex cyber threats and the policies aimed at mitigating them.

Relevant Links and Resources:

Listen: Episode 29

In this episode of Cyber Focus, Frank Cilluffo explores the evolving landscape of cyber insurance with Matt McCabe. McCabe shares the history, current state, and future challenges of cyber insurance, emphasizing its critical role in national resilience against cyber threats. The discussion covers the fundamental coverage aspects of cyber insurance, the impact of ransomware, and the need for a federal backstop for catastrophic cyber incidents. McCabe also touches on the importance of collaboration between industry and government to enhance national cyber resilience.

Main Topics: 

  • Evolution of Cyber Insurance
  • Impact of Ransomware and Coverage Aspects
  • Market Growth and Nation-State Attacks
  • Challenges, Solutions, and Federal Backstop Framework
  • Future of Cyber Insurance and National Security

Key Quotes:

"Ransomware democratized cyber risk and cyber threats because the reality is everyone has got a bullseye on their target to one extent or another." - Frank Cilluffo"

"Cyber insurance routinely covers acts by nation-states, but the magnitude of losses is sometimes too great for the industry to absorb." - Matt McCabe

"This is not an insurance industry issue. This is a national economic security issue." - Matt McCabe​

"There's no building... resilience after the fact. The time to do it is now. Ultimately, if we were to have the incident, the government would be involved... But if you're doing it after the fact, it's a hurried response. It tends to increase the risk of waste, fraud and abuse." - Matt McCabe

Relevant Links:

Matt McCabe is the Managing Director at Guy Carpenter, specializing in cyber risk and insurance. With extensive experience in the industry, McCabe has served in various roles, including on Capitol Hill for the House Homeland Security Committee and in the Bush White House. His expertise lies in bridging the gap between cyber risk and insurance, contributing significantly to national discussions on cyber resilience.

Listen: Episode 28

In this episode of Cyber Focus, Frank Cilluffo sits down with Sue Gordon, a distinguished figure in the intelligence community. The discussion delves into her vast experiences, particularly focusing on the intersection of intelligence, national security, and cyber threats. Sue shares insights on the importance of public-private partnerships in cybersecurity, the evolving threat landscape, and the critical role of technology and innovation in maintaining national security. She also touches on the necessity of developing a skilled workforce to address future cyber challenges.

Main Topics

  • Public-Private Partnerships in Cybersecurity
  • Evolving Cyber Threat Landscape
  • National Security and Economic Security
  • Governance and Innovation in Cybersecurity
  • Space as a Critical Infrastructure
  • Workforce Development in Cybersecurity

Key Quotes

"Cyber threats are just a manifestation of the interests of our adversaries and competitors." - Sue Gordon

"When you think about cyber, think about it not just technically, but what the intention behind that. And when you do, you'll be much more thoughtful about seeing risk." - Sue Gordon

"You can't comply you're way out of it. You must be compliant. And there's some really wonderful standards that help people. But that isn't enough." - Sue Gordon

"Space is such a disproportionate advantage that it is a disproportionate target." -Sue Gordon

"It's not the capability, it's how integrated it is into your doctrine."  - Frank Cilluffo

"We've come a distance, but we can't be complacent because we're not far enough. We're better than we've ever been. We're not good enough to beat the turn of the earth right now." - Sue Gordon

Relevant Links:


Cyber Solarium Commission

Sue Gordon Sue Gordon is a renowned leader in the intelligence community, having served as the Principal Deputy Director of National Intelligence. She also held prominent positions at the National Geospatial-Intelligence Agency and the Central Intelligence Agency. Known for her innovative approaches and straight-shooter attitude, Sue has significantly contributed to advancing U.S. intelligence capabilities, particularly through her work with In-Q-Tel. A former captain of the Duke women's basketball team, she brings a unique perspective on leadership and teamwork to her roles.

Listen: Episode 27

Recent News

Applied Research, Development, & Commercialization

The McCrary Institute’s experts work to safeguard America as an applied research, development, and commercialization partner supporting government, military, national labs and industry clients.  We focus our work on critical infrastructure sectors including energy & water, space & defense, transportation, rural industries, and more. By leveraging a world class Southeast Cybersecurity Operations Center and classified labs, we help solve some of America’s greatest threats and challenges.

Research Focus