David Kertai
David Kertai is a research assistant specializing in cybersecurity at ITIF. He holds a B.A. in European studies and French from the University of Washington and is pursuing a Master's in security policy studies at George Washington University.
Research Areas
Recent Publications
Closing the Gaps in the Strengthening Cyber Resilience Act
The Strengthening Cyber Resilience Against State-Sponsored Threats Act is a timely and necessary response to the growing threat posed by state-sponsored cyber actors, particularly from China, but Congress should further refine it to truly future-proof the nation’s cybersecurity posture.
From Trade Deals to Trojan Horses: China’s Expanding Digital Aggression on Europe
China has spent the last five years escalating a coordinated cyber campaign against Europe—targeting lawmakers, infrastructure, and institutions—even as the EU considers deepening economic ties, exposing a dangerous contradiction in its approach to Beijing.
Hardening US Infrastructure Before a Potential Iranian Cyber Attack
Iran’s growing cyber capabilities, combined with recent geopolitical tensions, pose a serious threat to U.S. critical infrastructure, requiring urgent federal action to strengthen digital defenses and build long-term resilience.
Texas’s New Cyber Command Offers a Model for Other States
Texas's new Cyber Command Center strengthens defenses against rising cyber threats and builds a long-term cybersecurity workforce—offering a model other states can follow.
Congress Should Fund the Cybersecurity and Infrastructure Security Agency
Despite the importance of protecting critical infrastructure from a growing array of digital threats, some members of Congress want to cut funding for the federal agency responsible for cybersecurity in its upcoming budget.
Salt Typhoon Exposes US Cyber Vulnerabilities
To strengthen U.S. cybersecurity leadership and effectively counter cyber threats, the administration should enhance interagency coordination with a central cybercrime database, collaborate with the private sector to address cybersecurity gaps in critical infrastructure, standardize data breach reporting, and build international coalitions for global cyber norms.