Difference between revisions of "Main Page"

From Cybersecurity Wiki
Jump to: navigation, search
(Key Resources)
(Cybersecurity Overview)
Line 8: Line 8:
 
==Cybersecurity Overview==
 
==Cybersecurity Overview==
  
The term “Cybersecurity” encompasses a range of issues from cybercrime to cyberwarefare. These in turn embrace a diverse set of activities and interests.
+
The term “Cybersecurity” encompasses a range of issues from [[Cybercrime]] to [[Cyberwar]]. These in turn embrace a diverse set of activities and interests.
  
Cybercrime, for example, can refer to a lone hacker breaking into a single computer to an organized network of computer criminals collecting thousands or millions of credit card numbers and/or personal information records from multiple sources. Responses to cybercrime range from offering incentives to individuals, manufacturers and/or corporations to protect against malware and botnet attacks to decisions about insurance and risk management.
+
Cybercrime, for example, can refer to a lone [[Keyword_Index_and_Glossary_of_Core_Ideas#Hacker | Hacker]] breaking into a single computer to an [[Keyword_Index_and_Glossary_of_Core_Ideas#Organized_Crime | organized network of computer criminals]] collecting thousands or millions of [[Keyword_Index_and_Glossary_of_Core_Ideas#Credit_Card_Fraud | credit card numbers]] and/or [[Keyword_Index_and_Glossary_of_Core_Ideas#Identity_Fraud.2FTheft | personal information records]] from multiple sources. Responses to cybercrime range from offering [[Incentives | incentives]] to individuals, manufacturers and/or corporations to protect against [[Keyword_Index_and_Glossary_of_Core_Ideas#Malware | malware]] and [[Keyword_Index_and_Glossary_of_Core_Ideas#Botnet | botnet attacks]] to decisions about [[Insurance | insurance]] and [[Risk_Management_and_Investment | risk management]].
  
Cyberwarfare attacks include covert espionage attacks against secure systems to collect sensitive national security information, distributed attacks against the civilian infrastructure to cause widespread failures of energy and/or communication systems or targeted attacks against military targets with the intent to render offensive and defensive systems inoperable or to take control of systems with the ability to deliver kinetic attacks. These attacks all create complicated questions of attribution and law, as the normal laws of war are of questionable value when applied to threats delivered domestically from a anonymous source in a distant location. In addition, deterrence, offensive actions and defensive response often become blurred in the cyber realm, requiring a fresh look at what policies such as “no first strike” mean in cyberspace.
+
[[Cyberwar| Cyberwarfare]] includes covert [[Espionage | espionage]] attacks against secure systems to collect sensitive [[Keyword_Index_and_Glossary_of_Core_Ideas#National_Security | national security]] information, distributed attacks against the [[Public_Critical_Infrastructure | civilian infrastructure]] to cause widespread failures of energy and/or communication systems or targeted attacks against [[Government_Networks_(.gov) | military targets]] with the intent to render offensive and defensive systems inoperable or to take control of systems with the ability to deliver [[Keyword_Index_and_Glossary_of_Core_Ideas#Botnet | kinetic attacks]]. These attacks all create complicated questions of [[Attribution | attribution]] and [[Regulation/Liability | law]], as the normal [[Keyword_Index_and_Glossary_of_Core_Ideas#Laws_of_War | laws of war]] are of questionable value when applied to threats delivered domestically from a anonymous source in a distant location. In addition, [[Deterrence| deterrence]], offensive actions and defensive response often become blurred in the cyber realm, requiring a fresh look at what policies such as “no first strike” mean in cyberspace.
  
Solutions to these problems will involve addressing questions of economics, incentives, law, legislation, politics, government-private cooperation and international diplomacy. Government, industry, the military and the public must all play a role in deciding how much cybersecurity is needed and who will pay for it. These stakeholders must also address the tradeoffs between privacy and security that often arise in addressing cyber threats. Finally, there needs to be a way to measure the threat and the protections put in place so that the players can make intelligent choices in allocating scare resources.  
+
Solutions to these problems will involve addressing questions of [[Economics_of_Cybersecurity | economics]], incentives, law, legislation, politics, [[Public-Private_Cooperation | government-private cooperation]] and [[International_Cooperation |international diplomacy]]. Government, industry, the military and the public must all play a role in deciding [[Keyword_Index_and_Glossary_of_Core_Ideas#Cyber_Security_as_a_Public_Good | how much cybersecurity is needed]] and who will pay for it. These stakeholders must also address the tradeoffs between privacy and security that often arise in addressing cyber threats. Finally, there needs to be a way to [[Keyword_Index_and_Glossary_of_Core_Ideas#Research_.26_Development | measure the threat]] and the protections put in place so that the players can make intelligent choices in allocating scare resources.
  
 
==Key Resources==
 
==Key Resources==

Revision as of 14:19, 30 June 2010

Introduction

This Cybersecurity wiki provides a set of evolving resources on cybersecurity, broadly defined, and includes an Annotated Bibliography on relevant articles and literature, which can be searched in a number of ways. Please see below.

This wiki is intended as a tool/resource for researchers, technologists, students, policy-makers and others who are interested in cybersecurity issues more broadly.

Cybersecurity Overview

The term “Cybersecurity” encompasses a range of issues from Cybercrime to Cyberwar. These in turn embrace a diverse set of activities and interests.

Cybercrime, for example, can refer to a lone Hacker breaking into a single computer to an organized network of computer criminals collecting thousands or millions of credit card numbers and/or personal information records from multiple sources. Responses to cybercrime range from offering incentives to individuals, manufacturers and/or corporations to protect against malware and botnet attacks to decisions about insurance and risk management.

Cyberwarfare includes covert espionage attacks against secure systems to collect sensitive national security information, distributed attacks against the civilian infrastructure to cause widespread failures of energy and/or communication systems or targeted attacks against military targets with the intent to render offensive and defensive systems inoperable or to take control of systems with the ability to deliver kinetic attacks. These attacks all create complicated questions of attribution and law, as the normal laws of war are of questionable value when applied to threats delivered domestically from a anonymous source in a distant location. In addition, deterrence, offensive actions and defensive response often become blurred in the cyber realm, requiring a fresh look at what policies such as “no first strike” mean in cyberspace.

Solutions to these problems will involve addressing questions of economics, incentives, law, legislation, politics, government-private cooperation and international diplomacy. Government, industry, the military and the public must all play a role in deciding how much cybersecurity is needed and who will pay for it. These stakeholders must also address the tradeoffs between privacy and security that often arise in addressing cyber threats. Finally, there needs to be a way to measure the threat and the protections put in place so that the players can make intelligent choices in allocating scare resources.

Key Resources

Reader's Guide: "How to Use this Wiki"

Our Annotated Bibliography presents and summarizes all of the resources we've collected by key issues and themes in Cybersecurity.

Because this bibliography encompasses such a wide range of cybersecurity issues, the most direct way to get started is to look through the Annotated Bibliography and select Specific Issues or Themes of interest. For example, "Issues->Cybercrime" or Security Targets->Private Critical Infrastructure->Financial Institutions and Networks.

If you are interested in a broad topic area, however, you might choose to start your search from one of the Broad Topics. This allows you to search within the broad categories of Overview, Threats and Actors, Issues, and Approaches.

Alternately, you can access the readings that we've summarized, according to Resource Type, which includes Government Reports, Industry Reports and Books.

For a more targeted review by Key Word, please review our Keyword Index and Glossary of Core Ideas, which will enable you to search definitions and references related to specific terms, from Botnet to Zero-Day Exploit.

The comprehensive List of All Articles is available here: Comprehensive Index

References may also be accessed in a standard bibliographic format (BibTeX) here: Bibliography.

Ongoing Work

A Note on Methodology: The materials featured in this wiki are just a starting point for our inquiry. They were selected as foundational documents on the recommendation of select researchers. During the next phase of the project, experts, policy-makers, academics, and others will be asked to review and evaluate the current collection and make recommendations for additional resources to include. We have also included a list of suggested materials for review and possible inclusion in the next phase of the project.

Additional articles for consideration are listed here: Suggested References to Add to Wiki

About the Project

This wiki is part of the Minerva Initiative.

The resources have been assembled by a team at the Berkman Center for Internet & Society. Contributors include: David Abrams, Jacob Albert, Urs Gasser, Jack Goldsmith, Shane Matthews, Caroline Nolan, and Felix Treguer.

If you have feedback, comments, or suggested additional readings/resources, please contact Caroline Nolan: cnolan@cyber.law.harvard.edu

Templates and Wiki Tools

Template for Sources

Guidelines for adding Bibliography entries

Wiki User's Guide