Template:Filtered Table: Difference between revisions

Revision as of 11:25, 2 August 2012

U.S. Government Report

U.S. Government Hearing

Non-U.S. Government Report

Independent Report

Industry Report

Book

Journal Article

Article

1. Overview

3. Threats and Actors

3.1 The Threat and Skeptics

3.2 Actors and Incentives

3.2.1 States

3.2.2 Groups

3.2.3 Hacktivists

3.2.4 Terrorists

3.2.5 Criminals and Criminal Organizations

3.3 Security Targets

3.3.1 Public Critical Infrastructure

3.3.1.1 Government Networks (.gov)

3.3.1.2 Military Networks (.mil)

3.3.2 Private Critical Infrastructure

3.3.2.1 Electricity, Oil and Natural Gas

3.3.2.2 Financial Institutions and Networks

3.3.2.3 Transportation

3.3.2.4 Water, Sewer, etc.

3.3.3 Communications

3.3.3.1 Telephone

3.3.3.2 Public Data Networks

3.3.3.3 Cloud Computing

4. Issues

4.1 Metrics

4.2 Economics of Cybersecurity

4.2.1 Risk Management and Investment

4.2.2 Incentives

4.2.3 Insurance

4.2.4 Behavioral Economics

4.2.5 Market Failure

4.3 Supply Chain Issues

4.4 Usability/Human Factors

4.5 Psychology and Politics

4.6 Information Sharing/Disclosure

4.7 Public-Private Cooperation

4.8 Attribution

4.9 Identity Management

4.10 Privacy

4.11 Cybercrime

4.12 Cyberwar

4.13 Espionage

4.13.1 Government to Government

4.13.2 Industrial

4.13.3 Media Perceptions

5. Approaches

5.1 Regulation/Liability

5.2 Private Efforts/Organizations

5.3 Government Organizations

5.4 International Cooperation

5.5 International Law (including Laws of War)

5.6 Deterrence

5.7 Technology

Author/Agency	Date	Title	Type	Category	Synopsis
Schneier, Bruce	2003	Beyond Fear	Book	3.2 Actors and Incentives, 4.5 Psychology and Politics, 5.6 Deterrence	Yes
Camp, L. Jean	2004	Economics of Information Security	Book	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability	Yes
Grady, Mark F.	2006	The Law and Economics of Cybersecurity	Book	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability	Yes
Johnson, Eric M.	2008	Managing Information Risk and the Economics of Security	Book	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability	Yes
Schneier, Bruce	2008	Schneier on Security	Book	3.2 Actors and Incentives, 4.4 Usability/Human Factors, 5.1 Regulation/Liability	Yes
Anderson, Ross J.	2008	Security Engineering	Book	3.2 Security Targets, 4.2 Economics of Cybersecurity, 5.1 Regulation/Liability	Yes
Zittrain, Jonathan L.	2008	The Future of the Internet and How To Stop It	Book	4.4 Usability/Human Factors, 5.1 Regulation/Liability	Yes
Kramer, Franklin D., et. al	2009	Cyberpower and National Security	Book	1. Overview	Yes
Clarke, Richard A.	2010	Cyber War	Book	3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar	Yes
Camp, L. Jean	2004	Pricing Security	Book	4.2.1 Risk Management and Investment, 4.2.2 Incentives	Yes
Varian, Hal	2004	System Reliability and Free Riding	Book	4.2 Economics of Cybersecurity	Yes
Gandal, Neil	2008	An Introduction to Key Themes in the Economics of Cyber Security	Book	4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.7 Technology	Yes
Moore, Tyler	2008	The Impact of Incentives on Notice and Take-down	Book	4.2.2 Incentives, 4.11 Cybercrime, 5.4 International Cooperation	Yes
Nye, Joseph	2010	Cyber Power	Book	4.12 Cyberwar, 4.13 Espionage, 5.5 International Law (including Laws of War)	Yes
Anderson, Ross	2001	Why Information Security is Hard	Article	4.2.1 Risk Management and Investment, 4.2.2 Incentives, 5.1 Regulation/Liability	Yes
Schmitt, Michael N., et. al	2004	Computers and War	Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Bohme, Rainer	2005	Cyber-Insurance Revisited	Article	4.2.2 Incentives, 4.2.3 Insurance, ,4.2.5 Market Failure	Yes
Bohme, Rainer	2006	Models and Measures for Correlation in Cyber-Insurance	Article	4.2.3 Insurance, 5.2 Private Efforts/Organizations	Yes
Franklin, Jason, et. al	2007	An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants	Article	3.2.5 Criminals and Criminal Organizations, 4.2 Economics of Cybersecurity, 4.11 Cybercrime	Yes
Moore, Tyler	2007	Examining the Impact of Website Take-down on Phishing	Article	4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.7 Technology	Yes
Romanosky et al.	2008	Do Data Breach Disclosure Laws Reduce Identity Theft	Article	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Moore, Tyler	2008	The Consequence of Non-Cooperation in the Fight Against Phishing	Article	3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure	Yes
Bohme, Rainer	2010	Modeling Cyber-Insurance	Article	4.2.2 Incentives, 4.2.3 Insurance, ,5.2 Private Efforts/Organizations	Yes
Rotenberg et. al.	2010	The Cyber War Threat Has Been Grossly Exaggerated	Article	3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar	Yes
GAO	2004-05-28	Technology Assessment: Cybersecurity for Critical Infrastructure Protection	U.S. Government Report	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.7 Technology	No
U.S. Department of Energy, Infrastructure Security and Energy Restoration	2007-01-01	21 Steps to Improve Cyber Security of SCADA Networks	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations, 5.7 Technology	No
Wilson, Clay CRS	2007-03-20	Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues	U.S. Government Report	3.3 Security Targets, 4.12 Cyberwar	No
GAO	2008-07-31	Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability	U.S. Government Report	5.3 Government Organizations	No
DHS	2009-09-16	National Cyber Leap Year Summit 2009: Co-Chairs' Report	U.S. Government Report	3.3 Security Targets, 4.2 Economics of Cybersecurity, 4.8 Attribution	No
GAO	2009-09-24	Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
Federal Communications Commission (FCC)	2010-04-21	Explore the reliability and resiliency of commercial broadband communications networks	U.S. Government Report	3.3.3 Communications, 5.1 Regulation/Liability, 5.3 Government Organizations	No
Department of Energy, Idaho National Laboratory	2010-05-01	NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses	U.S. Government Report	3.3.2 Private Critical Infrastructure, 5.7 Technology	No
GAO	2010-06-03	Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations	No
General Accountability Office (GAO)	2010-07-15	Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed	U.S. Government Report	3.3 Security Targets, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation	No
National Institute of Standards and Technology (NIST)	2010-09-02	NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations	No
White House (Office of Science & Technology Policy)	2010-12-06	Partnership for Cybersecurity Innovation	U.S. Government Report	3.3.2.2 Financial Institutions and Networks, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
Kundra, Vivek	2010-12-09	25 Point Implementation Plan to Reform Federal Information Technology Management	U.S. Government Report	3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
Kerr, Paul K. et al. CRS	2010-12-09	The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability	U.S. Government Report	3.3 Security Targets, 4.12 Cyberwar, 5.4 International Law (including Laws of War)	No
White House	2010-12-16	Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4. Issues, 5. Approaches	No
General Accountability Office (GAO)	2011-01-12	Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations	No
North American Electric Reliability Corp. (NERC)	2011-01-26	Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
Kundra, Vivek	2011-02-08	Federal Cloud Computing Strategy	U.S. Government Report	3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
James Clapper, Director of National Intelligence	2011-02-10	Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony)	U.S. Government Report	3.1 The Threat and Skeptics, 3.2 Actors and Incentives	No
General Accountability Office (GAO)	2011-03-16	Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems	U.S. Government Report	3. Threats and Actors, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
U.S. Army War College, Strategy Research Project	2011-03-24	China’s Cyber Power and America’s National Security	U.S. Government Report	3.2.1 States, 4.13 Espionage, 5.3 Government Organizations	No
U.S. Army War College	2011-05-09	Cyber Infrastructure Protection	U.S. Government Report		No
Federal Communications Commission (FCC)	2011-06-03	[ FCC's Plan for Ensuring the Security of Telecommunications Networks ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt ]	U.S. Government Report		No
National Science Foundation	2011-08-11	At the Forefront of Cyber Security Research	U.S. Government Report	5.7 Technology	No
National Initiative for Cybersecurity Education	2011-08-11	National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation	U.S. Government Report	1. Overview, 5.3 Government Organizations	No
Office of the National Counterintelligence Executive	2011-11-03	Foreign Spies Stealing US Economic Secrets in Cyberspace	U.S. Government Report	3. Threats and Actors, 3.2 Actors and Incentives, 4.13 Espionage	No
DOD	2011-11-15	Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934	U.S. Government Report	4.12 Cyberwar, 5.3 Government Organizations, 5.7 Technology	No
National Initiative for Cybersecurity Education (NICE)	2011-11-21	NICE Cybersecurity Workforce Framework	U.S. Government Report	4.4 Usability/Human Factors, 5.3 Government Organizations	No
General Accountability Office (GAO)	2011-11-29	Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations	No
GAO	2012-01-13	Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.7 Public-Private Cooperation	No
National Science Foundation	2012-01-17	Information Security Risk Taking	U.S. Government Report	4.1 Metrics, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
Department of Defense	2012-04-11	Cyber Operations Personnel Report (DoD)	U.S. Government Report		No
Fischer, Eric A. CRS	2012-04-23	Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability	No
Project on National Security Reform (PNSR)	2012-11-10	The Power of People: Building an Integrated National Security Professional System for the 21st Century	U.S. Government Report	4.4 Usability/Human Factors, 5.3 Government Organizations	No
Thom, Maxie	2006	Information Warfare Arms Control: Risks and Costs	U.S. Government Report	3.2.1 States, 4.12 Cyberwar, 5. Approaches	Yes
DHS	2007-06	Challenges Remain in Securing the Nation’s Cyber Infrastructure	U.S. Government Report	4.6 Information Sharing, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
White House	2009	Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure	U.S. Government Report	1. Overview, 4.7 Public-Private Cooperation	No
GAO	2009-07	Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations	No
GAO	2009-09	Information Security: Concerted Effort Needed to Improve Federal Performance Measures	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
DHS	2009-11	A Roadmap for Cybersecurity Research	U.S. Government Report	1. Overview, 4.2.1 Risk Management and Investment	No
DHS	2010-08	DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations	No
DHS	2010-09	National Cyber Incident Response Plan	U.S. Government Report	3. Threats and Actors, 5.3 Government Organizations	No
PCAST	2010-12	Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology	U.S. Government Report	4.3 Supply Chain Issues, 4.10 Privacy, 5.3 Government Organizations	No
White House	2011-04	National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management	No
Department of Justice	2011-04	The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.11 Cybercrime, 5.3 Government Organizations	No
White House	2011-05	International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World	U.S. Government Report	1. Overview	No
Department of Commerce, Internet Policy Task Force	2011-06	Cybersecurity, Innovation and the Internet Economy	U.S. Government Report	4.2 Economics of Cybersecurity, 4.7 Public-Private Cooperation	No
PCAST	2011-06	Report to the President on Ensuring American Leadership in Advanced Manufacturing	U.S. Government Report	4.2.1 Risk Management and Investment, 5.3 Government Organizations	No
Energy Sector Control Systems Working Group	2011-09	Roadmap to Achieve Energy Delivery Systems Cybersecurity	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation	No
DHS	2011-11	Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations	No
NSTC	2011-12	Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program	U.S. Government Report	5.3 Government Organizations	No
White House	2012-01	National Strategy for Global Supply Chain Security	U.S. Government Report	4.3 Supply Chain Issues	No
White House	2012-02	Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy	U.S. Government Report	4.10 Privacy, 5.1 Regulation/Liability	No
Department of Energy	2012-04	The Department's Management of the Smart Grid Investment Grant Program	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment	No
GAO	2003-08-27	Efforts to Improve Information sharing Need to Be Strengthened	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
White House/OMB	2009-05-29	Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure	U.S. Government Report	4. Issues, 5. Approaches	No
GAO	2009-11-17	Continued Efforts Are Needed to Protect Information Systems from Evolving Threats	U.S. Government Report	3.2 Actors and Incentives, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
White House/OMB	2010-03-02	Comprehensive National Cybersecurity Initiative (CNCI)	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology	No
GAO	2010-03-05	Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
GAO	2010-03-16	Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
GAO	2010-03-24	Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at:	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
GAO	2010-04-12	Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology	No
GAO	2010-06-16	Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
U.S. Navy	2010-06-17	DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations	No
White House/OMB	2010-06-25	The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
GAO	2010-07-01	Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
White House/OMB	2010-07-06	Clarifying Cybersecurity Responsibilities	U.S. Government Report	5.3 Government Organizations	No
GAO	2010-07-15	Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
U.S. Air Force	2010-07-15	Cyberspace Operations: Air Force Doctrine Document 3-12	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.12 Cyberwar, 5.3 Government Organizations	No
Quadrennial Defense Review	2010-07-30	The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report)	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations	No
GAO	2010-08-02	United States Faces Challenges in Addressing Global Cybersecurity and Governance	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperation	No
GAO	2010-09-15	Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	No
GAO	2010-09-23	DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations	No
GAO	2010-10-06	Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed	U.S. Government Report	5.1 Regulation/Liability, 5.3 Government Organizations	No
National Research Council, Committee for Advancing Software-Intensive Systems Producibility	2010-10-20	Critical Code: Software Producibility for Defense	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations, 5.7 Technology	No
GAO	2010-11-30	Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk	U.S. Government Report	3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology	No
White House/OMB	2010-12-09	25 Point Implementation Plan to Reform Federal Information Technology Management	U.S. Government Report	4.2 Economics of Cybersecurity, 5.3 Government Organizations, 5.7 Technology	No
GAO	2011-01-12	Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations	No
White House	2011-02-13	Federal Cloud Computing Strategy	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology	No
White House/OMB	2011-02-13	Federal Cloud Computing Strategy	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology	No
GAO	2011-03-16	Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations	No
White House	2011-04-15	Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
White House	2011-04-15	National Strategy for Trusted Identities in Cyberspace	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
White House/OMB	2011-05-12	Cybersecurity Legislative Proposal (Fact Sheet)	U.S. Government Report	4. Issues, 5.3 Government Organizations	No
White House/OMB	2011-05-16	International Strategy for Cyberspace	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations, 5.4 International Cooperation	No
Department of Commerce	2011-06-14	Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
GAO	2011-07-08	Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology	No
DOD	2011-07-14	Department of Defense Strategy for Operating in Cyberspace	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations	No
GAO	2011-07-25	Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations	No
GAO	2011-07-26	Continued Attention Needed to Protect Our Nation’s Critical Infrastructure	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations	No
Software and Information Industry Association (SAII)	2011-07-26	Guide to Cloud Computing for Policy Makers	U.S. Government Report	3.3.3.3 Cloud Computing, 5.1 Regulation/Liability, 5.7 Technology	No
Secretary of the Air Force	2011-07-27	Legal Reviews of Weapons and Cyber Capabilities	U.S. Government Report	4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)	No
GAO	2011-07-29	Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity, 5.3 Government Organizations	No
General Accountability Office (GAO)	2011-07-29	Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates	U.S. Government Report	4.2 Economics of Cybersecurity, 5.3 Government Organizations	No
NIST	2011-09-01	Cloud Computing Reference Architecture	U.S. Government Report	3.3.3.3 Cloud Computing	No
White House/OMB	2011-09-14	FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
GAO	2011-10-03	Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations	No
GAO	2011-10-05	Information Security: Additional Guidance Needed to Address Cloud Computing Concerns	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
GAO	2011-10-05	Information Security: Additional Guidance Needed to Address Cloud Computing Concerns	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
White House/OMB	2011-10-07	Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
GAO	2011-10-17	Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management	U.S. Government Report	5.1 Regulation/Liability, 5.3 Government Organizations	No
GAO	2011-11-29	Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at:	U.S. Government Report	4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 5.3 Government Organizations	No
NIST	2011-12-01	U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
White House/OMB	2011-12-06	Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program	U.S. Government Report	5.3 Government Organizations, 5.7 Technology	No
White House/Office of Management and Budget (OMB)	2011-12-08	Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP)	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
GAO	2011-12-09	Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations	No
General Accountability Office (GAO)	2011-12-09	Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use	U.S. Government Report		No
Department of Energy (DOE) Inspector General	2012-01-01	The Department’s Management of the Smart Grid Investment Grant Program	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.3 Government Organizations	No
Federal CIO Council	2012-01-04	Federal Risk and Authorization Management Program (FedRAMP)	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
Organization for Economic Co-operation and Development (OECD)	2012-01-10	ICT Applications for the Smart Grid: Opportunities and Policy Implications	U.S. Government Report		No
General Services Administration (GSA)	2012-02-07	Concept of Operations: FedRAMP	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations	No
DOD	2012-02-16	DOD Information Security Program: Overview, Classification, and Declassification	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
NIST	2012-02-17	Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
GAO	2012-02-28	Cybersecurity: Challenges to Securing the Modernized Electricity Grid	U.S. Government Report		No
President's Commission on Critical Infrastructure Protection	1997	Critical Foundations	U.S. Government Report	3.3.2 Private Critical Infrastructure, 3.3.3 Communications, 5.3 Government Organizations	Yes
Department of Defense	1999	An Assessment of International Legal Issues in Information Operations	U.S. Government Report	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Department of Homeland Security	2003	The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations	Yes
White House	2003	The National Strategy to Secure Cyberspace	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperations	Yes
National Infrastructure Advisory Council	2004	Hardening The Internet	U.S. Government Report	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations	Yes
National Cyber Security Summit Task Force	2004	Information Security Governance	U.S. Government Report	4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 Government Organizations	Yes
United States Secret Service	2004	Insider Threat Study	U.S. Government Report	3.3.2.2 Financial Institutions and Networks, 4.2.2 Incentives, 4.4 Usability/Human Factor	Yes
President's Information Technology Advisory Council	2005	Cyber Security: A Crisis of Prioritization	U.S. Government Report	4.2.2 Incentives, 4.7 Public-Private Cooperation, 5.3 Government Organizations	Yes
Department of Defense	2005	Strategy for Homeland Defense and Civil Support	U.S. Government Report	3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	Yes
Deputy Chief of Staff for Intelligence	2006	Critical Infrastructure Threats and Terrorism	U.S. Government Report	3.3 Security Targets, 4.11 Cybercrime, 4.12 Cyberwar	Yes
National Science and Technology Council	2006	Federal Plan for Cyber Security and Information Assurance Research and Development	U.S. Government Report	4.1 Metrics, 4.7 Attribution, 4.8 Public-Private Cooperation	Yes
National Institute of Standards and Technology	2006	SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security	U.S. Government Report	3.3.1 Public Critical Infrastructure, .2.1 Risk Management and Investment, 5.2 Private Efforts/Organizations	Yes
Department of Defense	2007	Mission Impact of Foreign Influence on DoD Software	U.S. Government Report	3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations	Yes
Department of Homeland Security	2009	A Roadmap for Cybersecurity Research	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations	Yes
White House	2009	Cyberspace Policy Review	U.S. Government Report	4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 Government Organizations	Yes
Networking and Information Technology Research and Development	2009	National Cyber Leap Year Summit 2009, Co-Chairs' Report	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.9 Identity Management, 5.7 Technology	Yes
Department of Commerce	2010	Defense Industrial Base Assessment	U.S. Government Report	3.2.5 Criminals and Criminal Organizations, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation	Yes
White House	2010	The Comprehensive National Cybersecurity Initiative	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations	Yes
U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs)	2010-009	Defending a New Domain	U.S. Government Report		No
DOD	2011-04	Cyber Operations Personnel Report (DOD)	Government Report		No
Department of Energy, Office of Electricity Delivery & Energy Reliability	1899-12-30	Cybersecurity for Energy Delivery Systems Program	Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment, 5.3 Government Organizations	No
Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum	2009-09-15	National Security Threats in Cyberspace	Independent Report		No
IEEE/EastWest Institute	2010-05-26	The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report)	Independent Report	3.3.3 Communications, 4.7 Public-Private Cooperation, 5.4 International Cooperation	No
Pew Research Center’s Internet & American Life Project	2010-06-11	The future of cloud computing	Independent Report	3.3.3.3 Cloud Computing	No
Council on Foreign Relations	2010-07-15	Untangling Attribution: Moving to Accountability in Cyberspace [Testimony ]	Independent Report	3.2 Actors and Incentives, 4.8 Attribution, 5. Approaches	No
National Research Council	2010-09-21	Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop	Independent Report	4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 4.10 Privacy	No
National Research Council	2010-10-05	Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy	Independent Report	3. Threats and Actors, 4. Issues, 5. Approaches	No
National Security Initiative	2010-10-18	American Security Challenge	Independent Report		No
Organisation for Economic Co-operation and Development (OECD)	2010-11-12	The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data	Independent Report	3. Threats and Actors, 5.7 Technology	No
Institute for Science and International Security	2010-12-22	Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment	Independent Report	3. Threats and Actors, 3.3 Security Targets, 5.7 Technology	No
Threat Level Blog (Wired)	2010-12-27	A Four-Day Dive Into Stuxnet’s Heart	Independent Report	3. Threats and Actors, 5.7 Technology	No
University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research	2011-01-13	Design of the DETER Security Testbed	Independent Report	5.3 Government Organizations, 5.7 Technology	No
EastWest Institute	2011-02-03	Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace	Independent Report	3.2.1 States, 5.4 International Cooperation, 5.5 International Law (including Laws of War)	No
Massachusetts Institute of Technology (MIT)	2011-12-05	The Future of the Electric Grid	Independent Report	3.3.2.1 Electricity, Oil and Natural Gas, 4. Issues, 5.1 Regulation/Liability	No
RAND	2011-12-21	A Cyberworm that Knows No Boundaries	Independent Report	3. Threats and Actors, 5.3 Government Organizations, 5.7 Technology	No
National Association of Secretaries of State	2012-01-12	Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices	Independent Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations	No
Center for a New American Security	2012-06-11	America’s Cyber Future: Security and Prosperity in the Information Age	Independent Report	1. Overview, 4. Issues, 5. Approaches	No
National Security Cyberspace Institute	2012-07-11	Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies	Independent Report		No
Centre for Secure Information Technologies	2012-09-11	World Cybersecurity Technology Research Summit (Belfast 2011)	Independent Report		No
Business Roundtable	2012-10-11	Mission Critical: A Public-Private Strategy for Effective Cybersecurity	Independent Report		No
Mitre Corp (JASON Program Office)	2012-11-10	Science of Cyber-Security	Independent Report	1. Overview, 4. Issues	No
Cloud Security Alliance	2012-12-09	Security Guidance for Critical Areas of Focus in Cloud Computing V2.1	Independent Report	3.3.3.3 Cloud Computing, 4. Issues, 5.2 Private Efforts/Organizations	No
CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies	2011-01	Cybersecurity Two Years Later	Independent Report	3. Threats and Actors, 5. Approaches, 5.3 Government Organizations	No
National Research Council	1999	Trust in Cyberspace	Independent Report	3.3.3.2 Public Data Networks, 4.2.2 Incentives, 4.7 Public-Private Cooperation	Yes
Institute for Information Infrastructure Protection	2003	Cyber Security Research and Development Agenda	Independent Report	4.1 Metrics, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability	Yes
Computing Research Association	2003	Four Grand Challenges in Trustworthy Computing	Independent Report	4.4 Usability/Human Factors, 4.6 Information Sharing/Disclosure, 4.9 Identity Management	Yes
Dörmann, Knut	2004	Applicability of the Additional Protocols to Computer Network Attacks	Independent Report	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Energetics Inc.	2006	Roadmap to Secure Control Systems in the Energy Sector	Independent Report	3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation	Yes
National Research Council	2007	Toward a Safer and More Secure Cyberspace	Independent Report	1. Overview, 4.8 Attribution, 5.6 Deterrence	Yes
Financial Services Sector Coordinating Council for Critical Infrastructure Protection	2008	Research Agenda for the Banking and Finance Sector	Independent Report	3.3.2.2 Financial Institutions and Networks, 4.1 Metrics, 4.2.1 Risk Management and Investment	Yes
Center for Strategic and International Studies	2008	Securing Cyberspace for the 44th Presidency	Independent Report	4.7 Public-Private Cooperation, 5.1 Regulation/Liability, 5.4 International Cooperation	Yes
National Cyber Defense Initiative	2009	National Cyber Defense Financial Services Workshop Report	Independent Report	3.3.2.2 Financial Institutions and Networks, 4.2.1 Risk Management and Investment, 5.3 Government Organizations	Yes
International Instrument Users Association (WIB)	2010-11-10	WIB Security Standard Released	Industry Report	3.3 Security Targets, 5.4 International Cooperation	No
Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America	2011-03-08	Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper	Industry Report	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5. Approaches	No
McAfee and Center for Strategic and International Studies (CSIS)	2011-04-21	In the Dark: Crucial Industries Confront Cyberattacks	Industry Report	3. Threats and Actors, 3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation	No
Cyber Security Forum Initiative	2011-05-09	Cyber Dawn: Libya	Industry Report	3. Threats and Actors, 4. Issues, 5. Approaches	No
National Cyber Security Alliance and Microsoft	2011-05-13	2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey	Industry Report	4.4 Usability/Human Factors	No
McAfee	2011-08-02	Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years	Industry Report	3.2.1 States, 3.3 Security Targets, 4.13 Espionage	No
Symantec	2011-10-24	W32.Duqu: The Precursor to the Next Stuxnet	Industry Report	3. Threats and Actors, 5.7 Technology	No
Booz Allen Hamilton and the Economist Intelligence Unit	2012-01-15	Cyber Power Index	Industry Report	4. Issues, 4.1 Metrics, 5. Approaches	No
McAfee	2012-02-01	Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World	Industry Report	3. Threats and Actors, 4. Issues, 5. Approaches	No
Business Software Alliance	2012-02-02	Global Cloud Computing Scorecard a Blueprint for Economic Opportunity	Industry Report	3.3.3.3 Cloud Computing	No
McAfee and the Security Defense Agenda	2012-02-12	Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World	Industry Report	1. Overview, 4. Issues, 5. Approaches	No
Microsoft	2012-11-10	Information Security Management System for Microsoft Cloud Infrastructure	Industry Report	3.3.3.3 Cloud Computing, 5.2 Private Efforts/Organizations	No
Computer Economics, Inc.	2007	2007 Malware Report	Industry Report	4.2 Economics of Cybersecurity	Yes
Verizon	2010	2010 Data Breach Investigations Report	Industry Report	3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime, 5.2 Private Efforts/Organizations	Yes
HP TippingPoint DVLabs	2010	2010 Top Cyber Security Risks Report	Industry report	4.11 Cybercrime, 5.7 Technology	Yes
McAfee, Inc.	2010	McAfee Threats Report	Industry Report	3.2.3 Hacktivists, 3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime	Yes
Symantec Corporation	2010	Symantec Global Internet Security Threat Report	Industry Report	3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.11 Cybercrime	Yes
Trend Micro Incorporated	2010	Trend Micro Annual Report	Industry Report	4.11 Cybercrime	Yes
Journal of Strategic Studies	2011-10-05	Cyber War Will Not Take Place	Journal Article		No
Schmitt Michael N	2002	Wired warfare: Computer network attack and jus in bello	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Schmitt Michael N	2004	Direct Participation in Hostilities and 21st Century Armed Conflict	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Graham David E	2010	Cyber Threats and the Law of War	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Dunlap Charles J, Jr	2011	Perspectives for Cyber Strategists on Law for Cyberwar	Journal Article	4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)	Yes
Kobayashi, Bruce H.	2006	An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods	Journal Article	4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.6 Deterrence	Yes
Stohl, Michael	2006	Cyber Terrorism	Journal Article	3.2.3 Hacktivists, 3.2.4 Terrorists, 4.5 Psychology and Politics	Yes
Arora et al.	2006	Does Information Security Attack Frequency Increase With Vulnerability Disclosure	Journal Article	4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure	Yes
Lernard, Thomas M.	2006	Much Ado About Notification	Journal Article	4.6 Information Sharing/Disclosure, 5.1 Regulaiton/Liability	Yes
Anderson, Ross	2006	The Economics of Information Security	Journal Article	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability, 5.7 Technology	Yes
Thomas, Rob	2006	The Underground Economy	Journal Article	3.2.5 Criminals and Criminl Organizations, 3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime	Yes
Telang, Rahul	2007	Impact of Software Vulnerability Announcements on the Market Value of Software Vendors	Journal Article	4.1 Metrics, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure	Yes
Korns, Stephen W.	2009	Cyber Operations	Journal Article	4.8 Attribution, 4.12 Cyberwar, 5.6 Deterrence	Yes
Moore, Tyler, et. al	2009	The Economics of Online Crime	Journal Article	3.2.5 Criminals and Criminal Organizations, 3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity	Yes
Schmitt, Michael N.	1999	Computer Network Attack and the Use of Force in International Law	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Barkham, Jason	2001	Information Warfare and International Law on the Use of Force	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Swire, Peter P.	2004	A Model for When Disclosure Helps Security	Journal Article	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Aviram, Amitai	2004	Overcoming Impediments to Information Sharing	Journal Article	4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation	Yes
Johnson, Vincent R.	2005	Cybersecurity, Identity Theft, and the Limits of Tort Liability	Journal Article	4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability	Yes
Powell, Benjamin	2005	Is Cybersecurity a Public Good	Journal Article	4.2 Economics of Cybersecurity, 4.2.5 Market Failure, 5.1 Regulation/Liability	Yes
Granick, Jennifer Stisa	2005	The Price of Restricting Vulnerability Publications	Journal Article	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Brown, Davis	2006	A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict	Journal Article	3.3.2.1 Military networks (.gov), 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Swire, Peter P.	2006	A Theory of Disclosure for Security and Competitive Reasons	Journal Article	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Schwartz, Paul	2007	Notification of Data Security Breaches	Journal Article	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Hollis, Duncan B.	2007	Why States Need an International Law for Information Operations	Journal Article	4.12 Cyberwar, 4.13 Government to Government Espionage, 5.5 International Law (including Laws of War)	Yes
Epstein, Richard A.	2008	Cybersecurity in the Payment Card Industry	Journal Article	3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime, 5.1 Regulation/Liability	Yes
Todd, Graham H.	2009	Armed Attack in Cyberspace	Journal Article	3.2.1 States, 4.8 Attribution, 5.5 Internaitonal Law (including Laws of War)	Yes
Beard, Jack M.	2009	Law and War in the Virtual Era	Journal Article	4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Sklerov, Matthew J.	2009	Solving the Dilemma of State Responses to Cyberattacks	Journal Article	3.2.1 States, 4.8 Attribution, 5.5 Internaitonal Law (including Laws of War)	Yes
Watts, Sean	2010	Combatant Status and Computer Network Attack	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
International Telecommunications Union	2012-02-10	ITU Toolkit for Cybercrime Legislation	Independent Report		No
Varian, Hal	2000	Managing Online Security Risks	Article	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment	Yes
European Network and Information Security Agency	2010-10-07	Stuxnet Analysis	Non-U.S. Government Report	3. Threats and Actors, 5.7 Technology	No
European Network and Information Security Agency (ENISA)	2011-04-11	Resilience of the Internet Interconnection Ecosystem, at:	Non-U.S. Government Report	3. Threats and Actors, 4. Issues, 5. Approaches	No
Cabinet Office (United Kingdom)	2012-11-11	The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world	Non-U.S. Government Report	3. Threats and Actors, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
van Eeten, Michel J. G.	2008	Economics of Malware	Non-U.S. Government Report	4.2 Economics of Cybersecurity	Yes
Lernard, Thomas M.	2005	An Economic Analysis of Notification Requirements for Data Security Breaches	Article	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	Yes
Clinton, Larry	Undated	Cyber-Insurance Metrics and Impact on Cyber-Security	Article	4.2.3 Insurance, 5.2 Private Efforts/Organizations	Yes
Dunlap, Charles J. Jr.	2009	Towards a Cyberspace Legal Regime in the Twenty-First Century	Article	4.5 Psychology and Politics, 4.12 Cyberwar, 5.5 International Law (including Laws of War)	Yes
Anderson, Ross, et. al	2008	Security Economics and the Internal Market	Article	4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.6 Deterrence	Yes
U.S. House Permenant Select Committee on Intelligence	2011-02-10	World Wide Threats	U.S. Government Hearing	3.1 The Threat and Skeptics, 5.1 Regulation/Liability, 5.3 Government Organizations	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-02-11	Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 5.1 Regulation/Liability, 5.7 Technology	No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-02-11	What Should the Department of Defense’s Role in Cyber Be?	U.S. Government Hearing	3.1 The Threat and Skeptics, 4.12 Cyberwar, 5.3 Government Organizations	No
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-02-17	Homeland Security Department’s Budget Submission for Fiscal Year 2012	U.S. Government Hearing		No
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-03-10	Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
U.S. Senate Committee on Energy and Natural Resources	2011-03-15	[ Cybersecurity and Critical Electric Infrastructure (closed)]	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas	No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-03-16	2012 Budget Request from U.S. Cyber Command	U.S. Government Hearing	3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-03-16	Examining the Cyber Threat to Critical Infrastructure and the American Economy	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.3 Security Targets, 4.2 Economics of Cybersecurity	No
U.S. Senate Committee on Judiciary	2011-03-30	Oversight of the Federal Bureau of Investigation	U.S. Government Hearing	3. Threats and Actors, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations	No
U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)	2011-03-31	Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs	U.S. Government Hearing	4.2 Economics of Cybersecurity, 5.3 Government Organizations	No
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)	2011-04-12	Cyber Security: Responding to the Threat of Cyber Crime and Terrorism	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability	No
U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)	2011-04-15	Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology	U.S. Government Hearing	3.2.1 Governments, 4.12 Cyberwar, 4.13 Espionage	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-04-15	DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-05-03	To receive testimony on the health and status of the defense industrial base and its science and technology-related elements	U.S. Government Hearing	3.3.1.2 Military Networks (.mil), 4.3 Supply Chain Issues, 5.3 Government Organizations	No
U.S. Senate Committee on Energy and Natural Resources	2011-05-05	Cybersecurity of the Bulk-Power System and Electric Infrastructure	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation	No
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-05-23	Protecting Cyberspace: Assessing the White House Proposal	U.S. Government Hearing	3.3 Security Targets, 5.1 Regulation/Liability	No
U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)	2011-05-25	Cybersecurity: Assessing the Immediate Threat to the United States	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation	No
U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)	2011-05-25	Cybersecurity: Problems Innovative Solutions to Challenging	U.S. Government Hearing	4.7 Public-Private Cooperation, 4.11 Cybercrime, 5.2 Private Efforts/Organizations	No
U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)	2011-05-25	Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)	2011-05-26	Unlocking the SAFETY Act’s [Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296 Potential to Promote Technology and Combat Terrorism]	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability, 5.7 Technology	No
U.S. House Committee on Energy and Commerce	2011-05-31	Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)	2011-06-02	Sony and Epsilon: Lessons for Data Security Legislation	U.S. Government Hearing	4.9 Identity Management, 5.1 Regulation/Liability, 5.2 Private Efforts/Organizations	No
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)	2011-06-15	Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach	U.S. Government Hearing	4.6 Information Sharing/Disclosure, 4.10 Privacy, 5.1 Regulation/Liability	No
U.S. Senate Committee on Banking, Housing and Urban Affairs	2011-06-21	Cybersecurity and Data Protection in the Financial Sector	U.S. Government Hearing	3.3.2.2 Financial Institutions and Networks, 4.10 Privacy, 5.1 Regulation/Liability	No
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)	2011-06-21	Cybersecurity: Evaluating the Administration’s Proposals	U.S. Government Hearing	1. Overview, 5.1 Regulation/Liability, 5.3 Government Organizations	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-06-24	Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 4.9 Identity Management, 5.3 Government Organizations	No
U.S. House Committee on Financial Services (field hearing in Hoover, AL)	2011-06-29	Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information	U.S. Government Hearing	3.3.2.2 Financial Institutions and Networks, 5.1 Regulation/Liability	No
U.S. Senate Committee on Commerce, Science and Transportation	2011-06-29	Privacy and Data Security: Protecting Consumers in the Modern World	U.S. Government Hearing	4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability	No
U.S. House Committee on Oversight and Government Reform	2011-07-07	Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat	U.S. Government Hearing	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
U.S. House Committee on Science, Space and Technology	2011-07-21	Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.1 Regulation/Liability, 5.7 Technology	No
U.S. Senate Committee on Small Business and Entrepreneurship	2011-07-25	Role of Small Business in Strengthening Cybersecurity Efforts in the United States	U.S. Government Hearing	4.2.2 Incentives, 4.7 Public-Private Cooperation	No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2011-07-26	Cybersecurity: Infrastructure An Overview of Risks to Critical	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
U.S. Senate Committee on Judiciary	2011-09-07	Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats	U.S. Government Hearing	3.11 Cybercrime, 4.13 Industrial Espionage, 5.1 Regulation/Liability	No
U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)	2011-09-14	Combating Cybercriminals	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 3.3.2.2 Financial Institutions and Networks, 5.7 Government Organizations	No
U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)	2011-09-21	The Cloud Computing Outlook	U.S. Government Hearing	3.3.3.3 Cloud Computing, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
U.S. House Permenant Select Committee on Intelligence	2011-10-04	Cyber Threats and Ongoing Efforts to Protect the Nation	U.S. Government Hearing	4.7 Public-Private Cooperation, 4.13 Industrial Espionage, 5.4 International Cooperation	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)	2011-10-06	Cloud Computing: What are the Security Implications?	U.S. Government Hearing	3.3.3.3 Cloud Computing, 4.13 Espionage, 5.3 Government Organizations	No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-11-03	Institutionalizing Irregular Warfare Capabilities	U.S. Government Hearing	4.12 Cyberwar	No
U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)	2011-11-15	Cybersecurity: Protecting America’s New Frontier	U.S. Government Hearing	4.10 Privacy, 4.11 Cybercrime	No
U.S. House Committee on the Judiciary	2011-11-16	Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability	No
U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)	2011-12-01	Cyber Security: Protecting Your Small Business	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.1 Regulation/Liability	No
U.S. House Permenant Select Committee on Intelligence	2011-12-01	Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011	U.S. Government Hearing	4.6 Information Sharing, 5.1 Regulation/Liability	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-12-06	Hearing on Draft Legislative Proposal on Cybersecurity	U.S. Government Hearing	3.1 The Threat and Skeptics, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2012-02-01	Consideration and Markup of H.R. 3674	U.S. Government Hearing	4.6 Information Sharing, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability	No
U.S. Senate Committee on Homeland Security and Governmental Affairs	2012-02-16	Securing America’s Future: The Cybersecurity Act of 2012	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2012-02-28	Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment	No
U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)	2012-02-29	NASA Cybersecurity: An Examination of the Agency’s Information Security	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology	No
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)	2012-03-07	Cybersecurity:Networks The Pivotal Role of Communications	U.S. Government Hearing	3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology	No
U.S. Senate Committee on Judiciary	2012-03-13	The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability	No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2012-03-20	Fiscal 2013 Defense Authorization: IT and Cyber Operations	U.S. Government Hearing	4.2.1 Risk Management and Investment, Government Organizations	No
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2012-03-20	To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program	U.S. Government Hearing	4.2.1 Risk Management and Investment, 4.12 Cyberwar, 5.3 Government Organizations	No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2012-03-27	IT Supply Chain Security: Review of Government and Industry Efforts	U.S. Government Hearing	4.3 Supply Chain Issues	No
U.S. Senate Committee on Armed Services	2012-03-27	To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.	U.S. Government Hearing	3.2.1 States, 4.2 Economics of Cybersecurity, 4.12 Cyberwar	No
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)	2012-03-28	Cybersecurity:Threats to Communications Networks and Public-Sector Responses	U.S. Government Hearing	3.3.3 Communications, 4.7 Public-Private Cooperation, 5.3 Government Organizations	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)	2012-04-19	The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.3 Government Organizations, 5.7 Technology	No
U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)	2012-04-24	America is Under Cyber Attack: Why Urgent Action is Needed	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.12 Actors and Incentives	No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)	2012-04-26	Iranian Cyber Threat to U.S. Homeland	U.S. Government Hearing	3.2.1 States, 3.3 Security Targets, 4.12 Cyberwar	No

Template:Filtered Table: Difference between revisions

Revision as of 11:25, 2 August 2012

Navigation menu

Search