Difference between revisions of "Template:Filtered Table"

From Cybersecurity Wiki
Jump to: navigation, search
Line 135: Line 135:
 
|-
 
|-
 
|-
 
|-
| Schneier, Bruce ||2003||[http://cyber.law.harvard.edu/cybersecurity/Beyond_Fear Beyond Fear ]||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]]||Yes
+
| Schneier, Bruce ||2003--||[[Beyond_Fear|Beyond Fear ]]||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]]||Yes
 
|-
 
|-
| Camp, L. Jean ||2004||[http://cyber.law.harvard.edu/cybersecurity/Economics_of_Information_Security Economics of Information Security ]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Camp, L. Jean ||2004--||[[Economics_of_Information_Security|Economics of Information Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Grady, Mark F. ||2006||[http://cyber.law.harvard.edu/cybersecurity/The_Law_and_Economics_of_Cybersecurity The Law and Economics of Cybersecurity ]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Camp, L. Jean ||2004--||[[Pricing_Security|Pricing Security ]]||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]||Yes
 
|-
 
|-
| Johnson, Eric M. ||2008||[http://cyber.law.harvard.edu/cybersecurity/Managing_Information_Risk_and_the_Economics_of_Security Managing Information Risk and the Economics of Security ]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Varian, Hal ||2004--||[[System_Reliability_and_Free_Riding|System Reliability and Free Riding ]]||Book ||4.2 [[Economics of Cybersecurity]]||Yes
 
|-
 
|-
| Schneier, Bruce ||2008||[http://cyber.law.harvard.edu/cybersecurity/Schneier_on_Security Schneier on Security ]||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Grady, Mark F. ||2006--||[[The_Law_and_Economics_of_Cybersecurity|The Law and Economics of Cybersecurity ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Anderson, Ross J. ||2008||[http://cyber.law.harvard.edu/cybersecurity/Security_Engineering Security Engineering ]||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Gandal, Neil ||2008--||[[An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security|An Introduction to Key Themes in the Economics of Cyber Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]]||Yes
 
|-
 
|-
| Zittrain, Jonathan L. ||2008||[http://cyber.law.harvard.edu/cybersecurity/The_Future_of_the_Internet_and_How_To_Stop_It The Future of the Internet and How To Stop It ]||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Johnson, Eric M. ||2008--||[[Managing_Information_Risk_and_the_Economics_of_Security|Managing Information Risk and the Economics of Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Kramer, Franklin D., et. al ||2009||[http://cyber.law.harvard.edu/cybersecurity/Cyberpower_and_National_Security Cyberpower and National Security ]||Book ||1. [[Overview]]||Yes
+
| Schneier, Bruce ||2008--||[[Schneier_on_Security|Schneier on Security ]]||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Clarke, Richard A. ||2010||[http://cyber.law.harvard.edu/cybersecurity/Cyber_War Cyber War ]||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
+
| Anderson, Ross J. ||2008--||[[Security_Engineering|Security Engineering ]]||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Camp, L. Jean ||2004||[http://cyber.law.harvard.edu/cybersecurity/Pricing_Security Pricing Security ]||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]||Yes
+
| Zittrain, Jonathan L. ||2008--||[[The_Future_of_the_Internet_and_How_To_Stop_It|The Future of the Internet and How To Stop It ]]||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Varian, Hal ||2004||[http://cyber.law.harvard.edu/cybersecurity/System_Reliability_and_Free_Riding System Reliability and Free Riding ]||Book ||4.2 [[Economics of Cybersecurity]]||Yes
+
| Kramer, Franklin D., et. al ||2009--||[[Cyberpower_and_National_Security|Cyberpower and National Security ]]||Book ||1. [[Overview]]||Yes
 
|-
 
|-
| Gandal, Neil ||2008||[http://cyber.law.harvard.edu/cybersecurity/An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security An Introduction to Key Themes in the Economics of Cyber Security ]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]]||Yes
+
| Moore, Tyler ||2009--||[[The_Impact_of_Incentives_on_Notice_and_Take-down|The Impact of Incentives on Notice and Take-down ]]||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]]||Yes
 
|-
 
|-
| Moore, Tyler ||2008||[http://cyber.law.harvard.edu/cybersecurity/The_Impact_of_Incentives_on_Notice_and_Take-down The Impact of Incentives on Notice and Take-down ]||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]]||Yes
+
| Nye, Joseph ||2010--||[[Cyber_Power|Cyber Power ]]||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| Nye, Joseph ||2010||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Power Cyber Power ]||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| Clarke, Richard A. ||2010--||[[Cyber_War|Cyber War ]]||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
 
|-
 
|-
| Anderson, Ross ||2001||[http://cyber.law.harvard.edu/cybersecurity/Why_Information_Security_is_Hard Why Information Security is Hard ]||Article||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Rotenberg et. al. ||2010--||[[The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated|The Cyber War Threat Has Been Grossly Exaggerated ]]||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
 
|-
 
|-
| Schmitt, Michael N., et. al ||2004||[http://cyber.law.harvard.edu/cybersecurity/Computers_and_War Computers and War ]||Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||Independent Report||||No
 
|-
 
|-
| Bohme, Rainer ||2005||[http://cyber.law.harvard.edu/cybersecurity/Cyber-Insurance_Revisited Cyber-Insurance Revisited ]||Article||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]]||Yes
+
| IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]]||No
 
|-
 
|-
| Bohme, Rainer ||2006||[http://cyber.law.harvard.edu/cybersecurity/Models_and_Measures_for_Correlation_in_Cyber-Insurance Models and Measures for Correlation in Cyber-Insurance ]||Article||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+
| Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||Independent Report||3.3.3.3 [[Cloud Computing]]||No
 
|-
 
|-
| Franklin, Jason, et. al ||2007||[http://cyber.law.harvard.edu/cybersecurity/An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]||Article||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
+
| Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]]||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]]||No
 
|-
 
|-
| Moore, Tyler ||2007||[http://cyber.law.harvard.edu/cybersecurity/Examining_the_Impact_of_Website_Take-down_on_Phishing Examining the Impact of Website Take-down on Phishing ]||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
+
| National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]]||No
 
|-
 
|-
| Romanosky et al. ||2008||[http://cyber.law.harvard.edu/cybersecurity/Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft Do Data Breach Disclosure Laws Reduce Identity Theft ]||Article||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| Moore, Tyler ||2008||[http://cyber.law.harvard.edu/cybersecurity/The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing The Consequence of Non-Cooperation in the Fight Against Phishing ]||Article||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+
| National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||Independent Report||||No
 
|-
 
|-
| Bohme, Rainer ||2010||[http://cyber.law.harvard.edu/cybersecurity/Modeling_Cyber-Insurance Modeling Cyber-Insurance ]||Article||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]]||Yes
+
| Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Rotenberg et. al. ||2010||[http://cyber.law.harvard.edu/cybersecurity/The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated The Cyber War Threat Has Been Grossly Exaggerated ]||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
+
| Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]]||No
+
| Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Wilson, Clay<br />CRS||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No
+
| EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]||No
 
|-
 
|-
| GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||U.S. Government Report||5.3 [[Government Organizations]]||No
+
| Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||Independent Report||3.3.2.1 [[Electricity]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| DHS||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]]||No
+
| RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||Independent Report||||No
 
|-
 
|-
| Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]]||No
+
| Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||Independent Report||||No
 
|-
 
|-
| General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||No
+
| Centre for Secure Information Technologies||2012-09-11||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||Independent Report||||No
 
|-
 
|-
| National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| Business Roundtable||2012-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||Independent Report||||No
 
|-
 
|-
| White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| Mitre Corp (JASON Program Office) ||2012-11-10||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||Independent Report||1. [[Overview]],<br>4. [[Issues]]||No
 
|-
 
|-
| Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| Cloud Security Alliance ||2012-12-09||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]]||No
 
|-
 
|-
| Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 International Law (including Laws of War)||No
+
| CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||Independent Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||Independent Report ||||No
 
|-
 
|-
| North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| National Research Council ||1999--||[[Trust_in_Cyberspace|Trust in Cyberspace ]]||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]||Yes
 
|-
 
|-
| Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| Anderson, Ross ||2001--||[[Why_Information_Security_is_Hard|Why Information Security is Hard ]]||Independent Report ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No
+
| Computing Research Association ||2003-||[[Four_Grand_Challenges_in_Trustworthy_Computing|Four Grand Challenges in Trustworthy Computing ]]||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]]||Yes
 
|-
 
|-
| General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Institute for Information Infrastructure Protection ||2003--||[[Cyber_Security_Research_and_Development_Agenda|Cyber Security Research and Development Agenda ]]||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
+
| Dörmann, Knut ||2004--||[[Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks|Applicability of the Additional Protocols to Computer Network Attacks ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||U.S. Government Report||||No
+
| Schmitt, Michael N., et. al ||2004--||[[Computers_and_War|Computers and War ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| Federal Communications Commission (FCC) ||2011-06-03||[ FCC's Plan for Ensuring the Security of Telecommunications Networks ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt ]||U.S. Government Report||||No
+
| Lernard, Thomas M. ||2005--||[[An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches|An Economic Analysis of Notification Requirements for Data Security Breaches ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||U.S. Government Report||5.7 [[Technology]]||No
+
| Bohme, Rainer ||2005--||[[Cyber-Insurance_Revisited|Cyber-Insurance Revisited ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]]||Yes
 
|-
 
|-
| National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]]||No
+
| Bohme, Rainer ||2006--||[[Models_and_Measures_for_Correlation_in_Cyber-Insurance|Models and Measures for Correlation in Cyber-Insurance ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
 
|-
 
|-
| Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]]||No
+
| Energetics Inc. ||2006--||[[Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector|Roadmap to Secure Control Systems in the Energy Sector ]]||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
 
|-
 
|-
| DOD ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Franklin, Jason, et. al ||2007--||[[An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants|An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]]||Independent Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
 
|-
 
|-
| National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+
| Moore, Tyler ||2007--||[[Examining_the_Impact_of_Website_Take-down_on_Phishing|Examining the Impact of Website Take-down on Phishing ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
 
|-
 
|-
| General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+
| National Research Council ||2007--||[[Toward_a_Safer_and_More_Secure_Cyberspace|Toward a Safer and More Secure Cyberspace ]]||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]]||Yes
 
|-
 
|-
| GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]]||No
+
| Romanosky et al. ||2008--||[[Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft|Do Data Breach Disclosure Laws Reduce Identity Theft ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008--||[[Research_Agenda_for_the_Banking_and_Finance_Sector|Research Agenda for the Banking and Finance Sector ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]||Yes
 
|-
 
|-
| Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||U.S. Government Report||||No
+
| Center for Strategic and International Studies ||2008--||[[Securing_Cyberspace_for_the_44th_Presidency|Securing Cyberspace for the 44th Presidency ]]||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]]||Yes
 
|-
 
|-
| Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
+
| Moore, Tyler ||2008--||[[The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing|The Consequence of Non-Cooperation in the Fight Against Phishing ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
 
|-
 
|-
| Project on National Security Reform (PNSR) ||2012-11-10||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+
| National Cyber Defense Initiative ||2009--||[[National_Cyber_Defense_Financial_Services_Workshop_Report|National Cyber Defense Financial Services Workshop Report ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| Thom, Maxie    ||2006||[http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA460393  Information Warfare Arms Control: Risks and Costs]||U.S. Government Report||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]]||Yes
+
| Bohme, Rainer ||2010--||[[Modeling_Cyber-Insurance|Modeling Cyber-Insurance ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]]||Yes
 
|-
 
|-
| DHS||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||U.S. Government Report||4.6 Information Sharing,<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| Clinton, Larry ||Undated ||[[Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security|Cyber-Insurance Metrics and Impact on Cyber-Security ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
 
|-
 
|-
| White House||2009||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]]||No
+
| International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]]||No
 
|-
 
|-
| GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
+
| Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]]||No
 
|-
 
|-
| GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> [[4.7 Public-Private Cooperation]]||No
 
|-
 
|-
| DHS||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk Management and Investment]]||No
+
| Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| DHS||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
+
| National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||Industry Report||4.4 [[Usability/Human Factors]]||No
 
|-
 
|-
| DHS||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]]||No
+
| McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]]||No
 
|-
 
|-
| PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]]||No
+
| Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]]||No
+
| Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]]||No
 
|-
 
|-
| Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]]||No
+
| McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||U.S. Government Report||1. [[Overview]]||No
+
| Business Software Alliance ||2012-02-02||[ Global Cloud Computing Scorecard a Blueprint for Economic Opportunity ]||Industry Report||3.3.3.3 [[Cloud Computing]]||No
 
|-
 
|-
| Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]]||No
+
| McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
+
| Microsoft||2012-11-10||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]]||No
 
|-
 
|-
| Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]]||No
+
| Computer Economics, Inc. ||2007--||[[2007_Malware_Report|2007 Malware Report ]]||Industry Report ||4.2 [[Economics of Cybersecurity]]||Yes
 
|-
 
|-
| DHS||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
+
| Verizon ||2010--||[[2010_Data_Breach_Investigations_Report|2010 Data Breach Investigations Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||Yes
 
|-
 
|-
| NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||U.S. Government Report||5.3 [[Government Organizations]]||No
+
| HP TippingPoint DVLabs ||2010--||[[2010_Top_Cyber_Security_Risks_Report|2010 Top Cyber Security Risks Report ]]||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
 
|-
 
|-
| White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||U.S. Government Report||4.3 [[Supply Chain Issues]]||No
+
| McAfee, Inc. ||2010--||[[McAfee_Threats_Report|McAfee Threats Report ]]||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]]||Yes
 
|-
 
|-
| White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+
| Symantec Corporation ||2010--||[[Symantec_Global_Internet_Security_Threat_Report|Symantec Global Internet Security Threat Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
 
|-
 
|-
| Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]]||No
+
| Trend Micro Incorporated ||2010--||[[Trend_Micro_Annual_Report|Trend Micro Annual Report ]]||Industry Report ||4.11 [[Cybercrime]]||Yes
 
|-
 
|-
| GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||Journal Article||||No
 
|-
 
|-
| White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]]||No
+
| Schmitt Michael N  ||2002--||[[Wired_Warfare| Wired warfare: Computer network attack and jus in bello]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Schmitt Michael N  ||2004--||[[Direct_Participation_in_Hostilities|Direct Participation in Hostilities and 21st Century Armed Conflict]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Thom, Maxie    ||2006--||[[Information_Warfare_Arms_Control| Information Warfare Arms Control: Risks and Costs]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]]||Yes
 
|-
 
|-
| GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Graham David E  ||2010--||[[Cyber_Threats_and_the_Law_of_War| Cyber Threats and the Law of War]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Dunlap Charles J, Jr  ||2011--||[[Perspectives_for_Cyber_Strategists_on_Law_for_Cyberwar|Perspectives for Cyber Strategists on Law for Cyberwar]]||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Schmitt, Michael N. ||1999--||[[Computer_Network_Attack_and_the_Use_of_Force_in_International_Law|Computer Network Attack and the Use of Force in International Law ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Barkham, Jason ||2001--||[[Information_Warfare_and_International_Law_on_the_Use_of_Force|Information Warfare and International Law on the Use of Force ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Swire, Peter P. ||2004--||[[A_Model_for_When_Disclosure_Helps_Security|A Model for When Disclosure Helps Security ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+
| Aviram, Amitai ||2004--||[[Overcoming_Impediments_to_Information_Sharing|Overcoming Impediments to Information Sharing ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||Yes
 
|-
 
|-
| White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| Johnson, Vincent R. ||2005--||[[Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability|Cybersecurity, Identity Theft, and the Limits of Tort Liability ]]||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| Powell, Benjamin ||2005--||[[Is_Cybersecurity_a_Public_Good|Is Cybersecurity a Public Good ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||U.S. Government Report ||5.3 [[Government Organizations]]||No
+
| Granick, Jennifer Stisa ||2005--||[[The_Price_of_Restricting_Vulnerability_Publications|The Price of Restricting Vulnerability Publications ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| Brown, Davis ||2006--||[[A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict|A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]]||Journal Article ||3.3.2.1 [[Military networks (.gov)]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+
| Swire, Peter P. ||2006--||[[A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons|A Theory of Disclosure for Security and Competitive Reasons ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+
| Kobayashi, Bruce H. ||2006--||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]]||Yes
 
|-
 
|-
| GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
+
| Stohl, Michael ||2006--||[[Cyber_Terrorism|Cyber Terrorism ]]||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]]||Yes
 
|-
 
|-
| GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+
| Arora et al. ||2006--||[[Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure|Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
 
|-
 
|-
| GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
+
| Lernard, Thomas M. ||2006--||[[Much_Ado_About_Notification|Much Ado About Notification ]]||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulaiton/Liability]]||Yes
 
|-
 
|-
| GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| Anderson, Ross ||2006--||[[The_Economics_of_Information_Security|The Economics of Information Security ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||Yes
 
|-
 
|-
| National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Thomas, Rob ||2006--||[[The_Underground_Economy|The Underground Economy ]]||Journal Article ||3.2.5 [[Criminals and Criminl Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]]||Yes
 
|-
 
|-
| GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Telang, Rahul ||2007--||[[Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors|Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]]||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
 
|-
 
|-
| White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Schwartz, Paul ||2007--||[[Notification_of_Data_Security_Breaches|Notification of Data Security Breaches ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| Hollis, Duncan B. ||2007--||[[Why_States_Need_an_International_Law_for_Information_Operations|Why States Need an International Law for Information Operations ]]||Journal Article ||4.12 [[Cyberwar]],<br>4.13.1 [[Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Epstein, Richard A. ||2008--||[[Cybersecurity_in_the_Payment_Card_Industry|Cybersecurity in the Payment Card Industry ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||Yes
 
|-
 
|-
| White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Todd, Graham H. ||2009--||[[Armed_Attack_in_Cyberspace|Armed Attack in Cyberspace ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| Korns, Stephen W. ||2009--||[[Cyber_Operations|Cyber Operations ]]||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]||Yes
 
|-
 
|-
| White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| Beard, Jack M. ||2009--||[[Law_and_War_in_the_Virtual_Era|Law and War in the Virtual Era ]]||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| Sklerov, Matthew J. ||2009--||[[Solving_the_Dilemma_of_State_Responses_to_Cyberattacks|Solving the Dilemma of State Responses to Cyberattacks ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes
 
|-
 
|-
| White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]]||No
+
| Moore, Tyler, et. al ||2009--||[[The_Economics_of_Online_Crime|The Economics of Online Crime ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]]||Yes
 
|-
 
|-
| White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
+
| Watts, Sean ||2010--||[[Combatant_Status_and_Computer_Network_Attack|Combatant Status and Computer Network Attack ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| Varian, Hal ||2000--||[[Managing_Online_Security_Risks|Managing Online Security Risks ]]||Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]]||Yes
 
|-
 
|-
| GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| DOD ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+
| European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+
| Cabinet Office (United Kingdom) ||2012-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||Non-U.S. Government Report ||||No
 
|-
 
|-
| Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+
| van Eeten, Michel J. G. ||2008--||[[Economics_of_Malware|Economics of Malware ]]||Non-U.S. Government Report ||4.2 [[Economics of Cybersecurity]]||Yes
 
|-
 
|-
| Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||No
+
| Dunlap, Charles J. Jr. ||2009--||[[Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century|Towards a Cyberspace Legal Regime in the Twenty-First Century ]]||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+
| Anderson, Ross, et. al ||2008--||[[Security_Economics_and_the_Internal_Market|Security Economics and the Internal Market ]]||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]]||Yes
 
|-
 
|-
| General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||U.S. Government Hearing||||No
 
|-
 
|-
| GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||U.S. Government Hearing||3.3.2.1 [[Electricity]]||No
 
|-
 
|-
| White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]]||No
 
|-
 
|-
| GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]]||No
 
|-
 
|-
| GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs  ]||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||U.S. Government Hearing||3.2.1 [[Governments]],<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]]||No
 
|-
 
|-
| GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||||No
+
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||U.S. Government Report ||||No
+
| U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||No
 
|-
 
|-
| DOD ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296] Potential to Promote Technology and Combat Terrorism ]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||U.S. Government Report ||||No
+
| U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| President's Commission on Critical Infrastructure Protection ||1997||[http://cyber.law.harvard.edu/cybersecurity/Critical_Foundations Critical Foundations ]||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]]||No
 
|-
 
|-
| Department of Defense ||1999||[http://cyber.law.harvard.edu/cybersecurity/An_Assessment_of_International_Legal_Issues_in_Information_Operations An Assessment of International Legal Issues in Information Operations ]||U.S. Government Report||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. _, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Department of Homeland Security ||2003||[http://cyber.law.harvard.edu/cybersecurity/The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| White House ||2003||[http://cyber.law.harvard.edu/cybersecurity/The_National_Strategy_to_Secure_Cyberspace The National Strategy to Secure Cyberspace ]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]s||Yes
+
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Infrastructure Advisory Council ||2004||[http://cyber.law.harvard.edu/cybersecurity/Hardening_The_Internet Hardening The Internet ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Cyber Security Summit Task Force ||2004||[http://cyber.law.harvard.edu/cybersecurity/Information_Security_Governance Information Security Governance ]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| United States Secret Service ||2004||[http://cyber.law.harvard.edu/cybersecurity/Insider_Threat_Study Insider Threat Study ]||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 Usability/Human Factor||Yes
+
| U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| President's Information Technology Advisory Council ||2005||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Security:_A_Crisis_of_Prioritization Cyber Security: A Crisis of Prioritization ]||U.S. Government Report||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Department of Defense ||2005||[http://cyber.law.harvard.edu/cybersecurity/Strategy_for_Homeland_Defense_and_Civil_Support Strategy for Homeland Defense and Civil Support ]||U.S. Government Report||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Deputy Chief of Staff for Intelligence ||2006||[http://cyber.law.harvard.edu/cybersecurity/Critical_Infrastructure_Threats_and_Terrorism Critical Infrastructure Threats and Terrorism ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]]||Yes
+
| U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[public-Private Cooperation]]||No
 
|-
 
|-
| National Science and Technology Council ||2006||[http://cyber.law.harvard.edu/cybersecurity/Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development Federal Plan for Cyber Security and Information Assurance Research and Development ]||U.S. Government Report||4.1 [[Metrics]],<br>4.7 Attribution,<bR>4.8 Public-Private Cooperation||Yes
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Institute of Standards and Technology ||2006||[http://cyber.law.harvard.edu/cybersecurity/SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 Risk Management and Investment,<br>5.2 [[Private Efforts/Organizations]]||Yes
+
| U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||U.S. Government Hearing||3.11 [[Cybercrime]],<br>4.13.2 [[Industrial Espionage]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Department of Defense ||2007||[http://cyber.law.harvard.edu/cybersecurity/Mission_Impact_of_Foreign_Influence_on_DoD_Software Mission Impact of Foreign Influence on DoD Software ]||U.S. Government Report||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 [[Government Organizations]]||No
 
|-
 
|-
| Department of Homeland Security ||2009||[http://cyber.law.harvard.edu/cybersecurity/A_Roadmap_for_Cybersecurity_Research A Roadmap for Cybersecurity Research ]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| White House ||2009||[http://cyber.law.harvard.edu/cybersecurity/Cyberspace_Policy_Review Cyberspace Policy Review ]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13.2 [[Industrial Espionage]],<br>5.4 [[International Cooperation]]||No
 
|-
 
|-
| Networking and Information Technology Research and Development ||2009||[http://cyber.law.harvard.edu/cybersecurity/National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report National Cyber Leap Year Summit 2009, Co-Chairs' Report ]||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]]||Yes
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Department of Commerce ||2010||[http://cyber.law.harvard.edu/cybersecurity/Defense_Industrial_Base_Assessment Defense Industrial Base Assessment ]||U.S. Government Report||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||U.S. Government Hearing||4.12 [[Cyberwar]]||No
 
|-
 
|-
| White House ||2010||[http://cyber.law.harvard.edu/cybersecurity/The_Comprehensive_National_Cybersecurity_Initiative The Comprehensive National Cybersecurity Initiative ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+
| U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]]||No
 
|-
 
|-
| U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||U.S. Government Report ||||No
+
| U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| DOD ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||U.S. Government Report ||||No
+
| U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Department of Energy, Office of Electricity Delivery & Energy Reliability ||1899-12-30||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||Independent Report||||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||Independent Report||3.3.3.3 [[Cloud Computing]]||No
+
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony] ]||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]]||No
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No
 
|-
 
|-
| National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]]||No
+
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks    The Pivotal Role of Communications]||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||Independent Report||||No
+
| U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>Government [[Organizations]]||No
 
|-
 
|-
| Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]]||No
+
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||U.S. Government Hearing||4.3 [[Supply Chain Issues]]||No
 
|-
 
|-
| University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]]||No
 
|-
 
|-
| EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]||No
+
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||Independent Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No
 
|-
 
|-
| National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||U.S. Government Hearing||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No
 
|-
 
|-
| Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||Independent Report||||No
+
| U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Centre for Secure Information Technologies||2012-09-11||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||Independent Report||||No
+
| Wilson, Clay<br />CRS||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No
 
|-
 
|-
| Business Roundtable||2012-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||Independent Report||||No
+
| GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||U.S. Government Report||5.3 [[Government Organizations]]||No
 
|-
 
|-
| Mitre Corp (JASON Program Office) ||2012-11-10||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||Independent Report||1. [[Overview]],<br>4. [[Issues]]||No
+
| Department of Homeland Security||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]]||No
 
|-
 
|-
| Cloud Security Alliance ||2012-12-09||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]]||No
+
| GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]]||No
+
| Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Research Council ||1999||[http://cyber.law.harvard.edu/cybersecurity/Trust_in_Cyberspace Trust in Cyberspace ]||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]||Yes
+
| Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Institute for Information Infrastructure Protection ||2003||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Security_Research_and_Development_Agenda Cyber Security Research and Development Agenda ]||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Computing Research Association ||2003||[http://cyber.law.harvard.edu/cybersecurity/Four_Grand_Challenges_in_Trustworthy_Computing Four Grand Challenges in Trustworthy Computing ]||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]]||Yes
+
| General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| Dörmann, Knut ||2004||[http://cyber.law.harvard.edu/cybersecurity/Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks Applicability of the Additional Protocols to Computer Network Attacks ]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Energetics Inc. ||2006||[http://cyber.law.harvard.edu/cybersecurity/Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector Roadmap to Secure Control Systems in the Energy Sector ]||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+
| White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Research Council ||2007||[http://cyber.law.harvard.edu/cybersecurity/Toward_a_Safer_and_More_Secure_Cyberspace Toward a Safer and More Secure Cyberspace ]||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]]||Yes
+
| Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008||[http://cyber.law.harvard.edu/cybersecurity/Research_Agenda_for_the_Banking_and_Finance_Sector Research Agenda for the Banking and Finance Sector ]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]||Yes
+
| Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 [[International Law (including Laws of War)]]||No
 
|-
 
|-
| Center for Strategic and International Studies ||2008||[http://cyber.law.harvard.edu/cybersecurity/Securing_Cyberspace_for_the_44th_Presidency Securing Cyberspace for the 44th Presidency ]||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]]||Yes
+
| White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| National Cyber Defense Initiative ||2009||[http://cyber.law.harvard.edu/cybersecurity/National_Cyber_Defense_Financial_Services_Workshop_Report National Cyber Defense Financial Services Workshop Report ]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||Yes
+
| General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]]||No
+
| North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]]||No
+
| Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> 4.7 [[Public-Private Cooperation]]||No
+
| James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No
 
|-
 
|-
| Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||Industry Report||4.4 [[Usability/Human Factors]]||No
+
| U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]]||No
+
| U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||U.S. Government Report||||No
 
|-
 
|-
| Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+
| Federal Communications Commission (FCC) ||2011-06-03||[-- FCC's Plan for Ensuring the Security of Telecommunications Networks ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt ]||U.S. Government Report||||No
 
|-
 
|-
| Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]]||No
+
| National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||U.S. Government Report||5.7 [[Technology]]||No
 
|-
 
|-
| McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Business Software Alliance ||2012-02-02||[http://portal.bsa.org/cloudscorecard2012/ Global Cloud Computing Scorecard a Blueprint for Economic Opportunity ]||Industry Report||3.3.3.3 [[Cloud Computing]]||No
+
| Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]]||No
 
|-
 
|-
| McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| Department of Defense ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Microsoft||2012-11-10||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]]||No
+
| National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Computer Economics, Inc. ||2007||[http://cyber.law.harvard.edu/cybersecurity/2007_Malware_Report 2007 Malware Report ]||Industry Report ||4.2 [[Economics of Cybersecurity]]||Yes
+
| General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Verizon ||2010||[http://cyber.law.harvard.edu/cybersecurity/2010_Data_Breach_Investigations_Report 2010 Data Breach Investigations Report ]||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+
| GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| HP TippingPoint DVLabs ||2010||[http://cyber.law.harvard.edu/cybersecurity/2010_Top_Cyber_Security_Risks_Report 2010 Top Cyber Security Risks Report ]||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
+
| National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| McAfee, Inc. ||2010||[http://cyber.law.harvard.edu/cybersecurity/McAfee_Threats_Report McAfee Threats Report ]||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]]||Yes
+
| Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||U.S. Government Report||||No
 
|-
 
|-
| Symantec Corporation ||2010||[http://cyber.law.harvard.edu/cybersecurity/Symantec_Global_Internet_Security_Threat_Report Symantec Global Internet Security Threat Report ]||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
+
| Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Trend Micro Incorporated ||2010||[http://cyber.law.harvard.edu/cybersecurity/Trend_Micro_Annual_Report Trend Micro Annual Report ]||Industry Report ||4.11 [[Cybercrime]]||Yes
+
| Project on National Security Reform (PNSR) ||2012-11-10||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||Journal Article||||No
+
| Department of Homeland Security||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||U.S. Government Report||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Schmitt Michael N  ||2002||[http://www.icrc.org/eng/assets/files/other/365_400_schmitt.pdf Wired warfare: Computer network attack and jus in bello]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| White House||2009--||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| Schmitt Michael N  ||2004||[http://cyber.law.harvard.edu/cybersecurity/Direct_Participation_in_Hostilities Direct Participation in Hostilities and 21st Century Armed Conflict]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| Department of Homeland Security||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk management and Investment]]||No
 
|-
 
|-
| Graham David E  ||2010||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Threats_and_the_Law_of_War  Cyber Threats and the Law of War]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| Department of Homeland Security||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Dunlap Charles J, Jr  ||2011||[http://www.au.af.mil/au/ssq/2011/spring/dunlap.pdf Perspectives for Cyber Strategists on Law for Cyberwar]||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| Department of Homeland Security||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Kobayashi, Bruce H. ||2006||[http://cyber.law.harvard.edu/cybersecurity/An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]]||Yes
+
| PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Stohl, Michael ||2006||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Terrorism Cyber Terrorism ]||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]]||Yes
+
| White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]]||No
 
|-
 
|-
| Arora et al. ||2006||[http://cyber.law.harvard.edu/cybersecurity/Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+
| Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Lernard, Thomas M. ||2006||[http://cyber.law.harvard.edu/cybersecurity/Much_Ado_About_Notification Much Ado About Notification ]||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 Regulaiton/Liability||Yes
+
| White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||U.S. Government Report||1. [[Overview]]||No
 
|-
 
|-
| Anderson, Ross ||2006||[http://cyber.law.harvard.edu/cybersecurity/The_Economics_of_Information_Security The Economics of Information Security ]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||Yes
+
| Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| Thomas, Rob ||2006||[http://cyber.law.harvard.edu/cybersecurity/The_Underground_Economy The Underground Economy ]||Journal Article ||3.2.5 Criminals and Criminl Organizations,<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]]||Yes
+
| PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Telang, Rahul ||2007||[http://cyber.law.harvard.edu/cybersecurity/Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+
| Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No
 
|-
 
|-
| Korns, Stephen W. ||2009||[http://cyber.law.harvard.edu/cybersecurity/Cyber_Operations Cyber Operations ]||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]||Yes
+
| Department of Homeland Security||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Moore, Tyler, et. al ||2009||[http://cyber.law.harvard.edu/cybersecurity/The_Economics_of_Online_Crime The Economics of Online Crime ]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]]||Yes
+
| NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||U.S. Government Report||5.3 [[Government Organizations]]||No
 
|-
 
|-
| Schmitt, Michael N. ||1999||[http://cyber.law.harvard.edu/cybersecurity/Computer_Network_Attack_and_the_Use_of_Force_in_International_Law Computer Network Attack and the Use of Force in International Law ]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||U.S. Government Report||4.3 [[Supply Chain Issues]]||No
 
|-
 
|-
| Barkham, Jason ||2001||[http://cyber.law.harvard.edu/cybersecurity/Information_Warfare_and_International_Law_on_the_Use_of_Force Information Warfare and International Law on the Use of Force ]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
 
|-
 
|-
| Swire, Peter P. ||2004||[http://cyber.law.harvard.edu/cybersecurity/A_Model_for_When_Disclosure_Helps_Security A Model for When Disclosure Helps Security ]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No
 
|-
 
|-
| Aviram, Amitai ||2004||[http://cyber.law.harvard.edu/cybersecurity/Overcoming_Impediments_to_Information_Sharing Overcoming Impediments to Information Sharing ]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+
| GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Johnson, Vincent R. ||2005||[http://cyber.law.harvard.edu/cybersecurity/Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability Cybersecurity, Identity Theft, and the Limits of Tort Liability ]||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||Yes
+
| White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]]||No
 
|-
 
|-
| Powell, Benjamin ||2005||[http://cyber.law.harvard.edu/cybersecurity/Is_Cybersecurity_a_Public_Good Is Cybersecurity a Public Good ]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Granick, Jennifer Stisa ||2005||[http://cyber.law.harvard.edu/cybersecurity/The_Price_of_Restricting_Vulnerability_Publications The Price of Restricting Vulnerability Publications ]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Brown, Davis ||2006||[http://cyber.law.harvard.edu/cybersecurity/A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]||Journal Article ||3.3.2.1 Military networks (.gov),<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Swire, Peter P. ||2006||[http://cyber.law.harvard.edu/cybersecurity/A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons A Theory of Disclosure for Security and Competitive Reasons ]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Schwartz, Paul ||2007||[http://cyber.law.harvard.edu/cybersecurity/Notification_of_Data_Security_Breaches Notification of Data Security Breaches ]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Hollis, Duncan B. ||2007||[http://cyber.law.harvard.edu/cybersecurity/Why_States_Need_an_International_Law_for_Information_Operations Why States Need an International Law for Information Operations ]||Journal Article ||4.12 [[Cyberwar]],<br>4.13 [[Government to Government|Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Epstein, Richard A. ||2008||[http://cyber.law.harvard.edu/cybersecurity/Cybersecurity_in_the_Payment_Card_Industry Cybersecurity in the Payment Card Industry ]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Todd, Graham H. ||2009||[http://cyber.law.harvard.edu/cybersecurity/Armed_Attack_in_Cyberspace Armed Attack in Cyberspace ]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 Internaitonal Law (including Laws of War)||Yes
+
| U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Beard, Jack M. ||2009||[http://cyber.law.harvard.edu/cybersecurity/Law_and_War_in_the_Virtual_Era Law and War in the Virtual Era ]||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Sklerov, Matthew J. ||2009||[http://cyber.law.harvard.edu/cybersecurity/Solving_the_Dilemma_of_State_Responses_to_Cyberattacks Solving the Dilemma of State Responses to Cyberattacks ]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 Internaitonal Law (including Laws of War)||Yes
+
| GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Watts, Sean ||2010||[http://cyber.law.harvard.edu/cybersecurity/Combatant_Status_and_Computer_Network_Attack Combatant Status and Computer Network Attack ]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||U.S. Government Report ||5.3 [[Government Organizations]]||No
 
|-
 
|-
| International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||Independent Report||||No
+
| GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Varian, Hal ||2000||[http://cyber.law.harvard.edu/cybersecurity/Managing_Online_Security_Risks Managing Online Security Risks ]||Article||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]]||Yes
+
| U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+
| Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+
| GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
 
|-
 
|-
| Cabinet Office (United Kingdom) ||2012-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| van Eeten, Michel J. G. ||2008||[http://cyber.law.harvard.edu/cybersecurity/Economics_of_Malware Economics of Malware ]||Non-U.S. Government Report||4.2 [[Economics of Cybersecurity]]||Yes
+
| GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Lernard, Thomas M. ||2005||[http://cyber.law.harvard.edu/cybersecurity/An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches An Economic Analysis of Notification Requirements for Data Security Breaches ]||Article||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+
| GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| Clinton, Larry ||Undated ||[http://cyber.law.harvard.edu/cybersecurity/Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security Cyber-Insurance Metrics and Impact on Cyber-Security ]||Article||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+
| National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Dunlap, Charles J. Jr. ||2009||[http://cyber.law.harvard.edu/cybersecurity/Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century Towards a Cyberspace Legal Regime in the Twenty-First Century ]||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+
| GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| Anderson, Ross, et. al ||2008||[http://cyber.law.harvard.edu/cybersecurity/Security_Economics_and_the_Internal_Market Security Economics and the Internal Market ]||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]]||Yes
+
| White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+
| White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+
| White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||U.S. Government Hearing||||No
+
| GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]]||No
+
| White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]]||No
+
| White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]]||No
+
| White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
 
|-
 
|-
| U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+
| Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs  ]||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+
| GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
+
| Department of Defense ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||U.S. Government Hearing||3.2.1 Governments,<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]]||No
+
| GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]]||No
+
| Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||No
 
|-
 
|-
| U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]]||No
+
| GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
+
| General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||No
+
| NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]]||No
 
|-
 
|-
| U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||No
+
| White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s [Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296] Potential to Promote Technology and Combat Terrorism]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+
| GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]]||No
+
| White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+
| GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+
| GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+
| NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+
| White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
 
|-
 
|-
| U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]]||No
+
| White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+
| GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||||No
 
|-
 
|-
| U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+
| Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]||No
+
| Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| Department of Defense ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||U.S. Government Hearing||3.11 Cybercrime,<br>4.13 [[Industrial|Industrial Espionage]],<br>5.1 [[Regulation/Liability]]||No
+
| NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 Government Organizations||No
+
| President's Commission on Critical Infrastructure Protection ||1997--||[[Critical_Foundations|Critical Foundations ]]||U.S. Government Report ||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| Department of Defense ||1999--||[[An_Assessment_of_International_Legal_Issues_in_Information_Operations|An Assessment of International Legal Issues in Information Operations ]]||U.S. Government Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
 
|-
 
|-
| U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13 [[Industrial|Industrial Espionage]],<br>5.4 [[International Cooperation]]||No
+
| Department of Homeland Security ||2003--||[[The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets|The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
+
| White House ||2003--||[[The_National_Strategy_to_Secure_Cyberspace|The National Strategy to Secure Cyberspace ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperations]]||Yes
 
|-
 
|-
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||U.S. Government Hearing||4.12 [[Cyberwar]]||No
+
| National Infrastructure Advisory Council ||2004--||[[Hardening_The_Internet|Hardening The Internet ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]]||No
+
| National Cyber Security Summit Task Force ||2004--||[[Information_Security_Governance|Information Security Governance ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
+
| United States Secret Service ||2004--||[[Insider_Threat_Study|Insider Threat Study ]]||U.S. Government Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 [[Usability/Human Factor]]||Yes
 
|-
 
|-
| U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||No
+
| Department of Defense ||2005-||[[Strategy_for_Homeland_Defense_and_Civil_Support|Strategy for Homeland Defense and Civil Support ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||U.S. Government Hearing||4.6 Information Sharing,<br>5.1 [[Regulation/Liability]]||No
+
| President's Information Technology Advisory Council ||2005--||[[Cyber_Security:_A_Crisis_of_Prioritization|Cyber Security: A Crisis of Prioritization ]]||U.S. Government Report ||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| Deputy Chief of Staff for Intelligence ||2006--||[[Critical_Infrastructure_Threats_and_Terrorism|Critical Infrastructure Threats and Terrorism ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]]||Yes
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||U.S. Government Hearing||4.6 Information Sharing,<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+
| National Science and Technology Council ||2006--||[[Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development|Federal Plan for Cyber Security and Information Assurance Research and Development ]]||U.S. Government Report ||4.1 [[Metrics]],<br>4.7 [[Attribution]],<br>4.8 [[Public-Private Cooperation]]||Yes
 
|-
 
|-
| U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
+
| National Institute of Standards and Technology ||2006--||[[SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security|SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 [[Risk Management and Investment]],<br>5.2 [[Private Efforts/Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]]||No
+
| Department of Defense ||2007--||[[Mission_Impact_of_Foreign_Influence_on_DoD_Software|Mission Impact of Foreign Influence on DoD Software ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| Department of Homeland Security ||2009--||[[A_Roadmap_for_Cybersecurity_Research|A Roadmap for Cybersecurity Research ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks    The Pivotal Role of Communications]||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| White House ||2009--||[[Cyberspace_Policy_Review|Cyberspace Policy Review ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
+
| Networking and Information Technology Research and Development ||2009--||[[National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report|National Cyber Leap Year Summit 2009, Co-Chairs' Report ]]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]]||Yes
 
|-
 
|-
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>Government Organizations||No
+
| Department of Commerce ||2010--||[[Defense_Industrial_Base_Assessment|Defense Industrial Base Assessment ]]||U.S. Government Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
 
|-
 
|-
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+
| White House ||2010--||[[The_Comprehensive_National_Cybersecurity_Initiative|The Comprehensive National Cybersecurity Initiative ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||U.S. Government Hearing||4.3 [[Supply Chain Issues]]||No
+
| U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||U.S. Government Report ||||No
 
|-
 
|-
| U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]]||No
+
| Department of Defense ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||U.S. Government Report ||||No
 
|-
 
|-
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+
| Department of Energy, Office of Electricity Delivery & Energy Reliability ||Undated||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+
| GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.12 [[Actors and Incentives]]||No
+
| GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
 
|-
 
|-
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||U.S. Government Hearing||3.2.1 States,<br>3.3 Security Targets,<br>4.12 Cyberwar||No
+
| General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
 
|}
 
|}

Revision as of 16:42, 2 August 2012

U.S. Government Report
U.S. Government Hearing
Non-U.S. Government Report
Independent Report
Industry Report
Book
Journal Article
Article
1. Overview
3. Threats and Actors
3.1 The Threat and Skeptics
3.2 Actors and Incentives
3.2.1 States
3.2.2 Groups
3.2.3 Hacktivists
3.2.4 Terrorists
3.2.5 Criminals and Criminal Organizations
3.3 Security Targets
3.3.1 Public Critical Infrastructure
3.3.1.1 Government Networks (.gov)
3.3.1.2 Military Networks (.mil)
3.3.2 Private Critical Infrastructure
3.3.2.1 Electricity, Oil and Natural Gas
3.3.2.2 Financial Institutions and Networks
3.3.2.3 Transportation
3.3.2.4 Water, Sewer, etc.
3.3.3 Communications
3.3.3.1 Telephone
3.3.3.2 Public Data Networks
3.3.3.3 Cloud Computing
4. Issues
4.1 Metrics
4.2 Economics of Cybersecurity
4.2.1 Risk Management and Investment
4.2.2 Incentives
4.2.3 Insurance
4.2.4 Behavioral Economics
4.2.5 Market Failure
4.3 Supply Chain Issues
4.4 Usability/Human Factors
4.5 Psychology and Politics
4.6 Information Sharing/Disclosure
4.7 Public-Private Cooperation
4.8 Attribution
4.9 Identity Management
4.10 Privacy
4.11 Cybercrime
4.12 Cyberwar
4.13 Espionage
4.13.1 Government to Government
4.13.2 Industrial
4.13.3 Media Perceptions
5. Approaches
5.1 Regulation/Liability
5.2 Private Efforts/Organizations
5.3 Government Organizations
5.4 International Cooperation
5.5 International Law (including Laws of War)
5.6 Deterrence
5.7 Technology
Author/Agency Date Title Type Category Synopsis
Schneier, Bruce 2003-- Beyond Fear Book 3.2 Actors and Incentives,
4.5 Psychology and Politics,
5.6 Deterrence
Yes
Camp, L. Jean 2004-- Economics of Information Security Book 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Yes
Camp, L. Jean 2004-- Pricing Security Book 4.2.1 Risk Management and Investment,
4.2.2 Incentives
Yes
Varian, Hal 2004-- System Reliability and Free Riding Book 4.2 Economics of Cybersecurity Yes
Grady, Mark F. 2006-- The Law and Economics of Cybersecurity Book 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Yes
Gandal, Neil 2008-- An Introduction to Key Themes in the Economics of Cyber Security Book 4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.7 Technology
Yes
Johnson, Eric M. 2008-- Managing Information Risk and the Economics of Security Book 4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
Yes
Schneier, Bruce 2008-- Schneier on Security Book 3.2 Actors and Incentives,
4.4 Usability/Human Factors,
5.1 Regulation/Liability
Yes
Anderson, Ross J. 2008-- Security Engineering Book 3.2 Security Targets,
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Yes
Zittrain, Jonathan L. 2008-- The Future of the Internet and How To Stop It Book 4.4 Usability/Human Factors,
5.1 Regulation/Liability
Yes
Kramer, Franklin D., et. al 2009-- Cyberpower and National Security Book 1. Overview Yes
Moore, Tyler 2009-- The Impact of Incentives on Notice and Take-down Book 4.2.2 Incentives,
4.11 Cybercrime,
5.4 International Cooperation
Yes
Nye, Joseph 2010-- Cyber Power Book 4.12 Cyberwar,
4.13 Espionage,
5.5 International Law (including Laws of War)
Yes
Clarke, Richard A. 2010-- Cyber War Book 3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
Yes
Rotenberg et. al. 2010-- The Cyber War Threat Has Been Grossly Exaggerated Article 3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
Yes
Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum 2009-09-15 National Security Threats in Cyberspace Independent Report No
IEEE/EastWest Institute 2010-05-26 The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) Independent Report 3.3.3 Communications,
4.7 Public-Private Cooperation,
5.4 International Cooperation
No
Pew Research Center’s Internet & American Life Project 2010-06-11 The future of cloud computing Independent Report 3.3.3.3 Cloud Computing No
Council on Foreign Relations 2010-07-15 Untangling Attribution: Moving to Accountability in Cyberspace [Testimony] Independent Report 3.2 Actors and Incentives,
4.8 Attribution,
5. Approaches
No
National Research Council 2010-09-21 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop Independent Report 4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
4.10 Privacy
No
National Research Council 2010-10-05 Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy Independent Report 3. Threats and Actors,
4. Issues,
5. Approaches
No
National Security Initiative 2010-10-18 American Security Challenge Independent Report No
Organisation for Economic Co-operation and Development (OECD) 2010-11-12 The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data Independent Report 3. Threats and Actors,
5.7 Technology
No
Institute for Science and International Security 2010-12-22 Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment Independent Report 3. Threats and Actors,
3.3 Security Targets,
5.7 Technology
No
Threat Level Blog (Wired) 2010-12-27 A Four-Day Dive Into Stuxnet’s Heart Independent Report 3. Threats and Actors,
5.7 Technology
No
University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research 2011-01-13 Design of the DETER Security Testbed Independent Report 5.3 Government Organizations,
5.7 Technology
No
EastWest Institute 2011-02-03 Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace Independent Report 3.2.1 States,
5.4 International Cooperation,
5.5 International Law (including Laws of War)
No
Massachusetts Institute of Technology (MIT) 2011-12-05 The Future of the Electric Grid Independent Report 3.3.2.1 Electricity,
4. Issues,
5.1 Regulation/Liability
No
RAND 2011-12-21 A Cyberworm that Knows No Boundaries Independent Report 3. Threats and Actors,
5.3 Government Organizations,
5.7 Technology
No
National Association of Secretaries of State 2012-01-12 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices Independent Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
International Telecommunications Union 2012-02-10 ITU Toolkit for Cybercrime Legislation Independent Report No
Center for a New American Security 2012-06-11 America’s Cyber Future: Security and Prosperity in the Information Age Independent Report 1. Overview,
4. Issues,
5. Approaches
No
National Security Cyberspace Institute 2012-07-11 Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies Independent Report No
Centre for Secure Information Technologies 2012-09-11 World Cybersecurity Technology Research Summit (Belfast 2011) Independent Report No
Business Roundtable 2012-10-11 Mission Critical: A Public-Private Strategy for Effective Cybersecurity Independent Report No
Mitre Corp (JASON Program Office) 2012-11-10 Science of Cyber-Security Independent Report 1. Overview,
4. Issues
No
Cloud Security Alliance 2012-12-09 Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 Independent Report 3.3.3.3 Cloud Computing,
4. Issues,
5.2 Private Efforts/Organizations
No
CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies 2011-01 Cybersecurity Two Years Later Independent Report 3. Threats and Actors,
5. Approaches,
5.3 Government Organizations
No
Software and Information Industry Association (SAII) 2011-07-26 Guide to Cloud Computing for Policy Makers Independent Report 3.3.3.3 Cloud Computing,
5.1 Regulation/Liability,
5.7 Technology
No
Organization for Economic Co-operation and Development (OECD) 2012-01-10 ICT Applications for the Smart Grid: Opportunities and Policy Implications Independent Report No
National Research Council 1999-- Trust in Cyberspace Independent Report 3.3.3.2 Public Data Networks,
4.2.2 Incentives,
4.7 Public-Private Cooperation
Yes
Anderson, Ross 2001-- Why Information Security is Hard Independent Report 4.2.1 Risk Management and Investment,
4.2.2 Incentives,
5.1 Regulation/Liability
Yes
Computing Research Association 2003- Four Grand Challenges in Trustworthy Computing Independent Report 4.4 Usability/Human Factors,
4.6 Information Sharing/Disclosure,
4.9 Identity Management
Yes
Institute for Information Infrastructure Protection 2003-- Cyber Security Research and Development Agenda Independent Report 4.1 Metrics,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
Yes
Dörmann, Knut 2004-- Applicability of the Additional Protocols to Computer Network Attacks Independent Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Schmitt, Michael N., et. al 2004-- Computers and War Independent Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Lernard, Thomas M. 2005-- An Economic Analysis of Notification Requirements for Data Security Breaches Independent Report 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Bohme, Rainer 2005-- Cyber-Insurance Revisited Independent Report 4.2.2 Incentives,
4.2.3 Insurance,
,4.2.5 Market Failure
Yes
Bohme, Rainer 2006-- Models and Measures for Correlation in Cyber-Insurance Independent Report 4.2.3 Insurance,
5.2 Private Efforts/Organizations
Yes
Energetics Inc. 2006-- Roadmap to Secure Control Systems in the Energy Sector Independent Report 3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
Yes
Franklin, Jason, et. al 2007-- An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants Independent Report 3.2.5 Criminals and Criminal Organizations,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
Yes
Moore, Tyler 2007-- Examining the Impact of Website Take-down on Phishing Independent Report 4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.7 Technology
Yes
National Research Council 2007-- Toward a Safer and More Secure Cyberspace Independent Report 1. Overview,
4.8 Attribution,
5.6 Deterrence
Yes
Romanosky et al. 2008-- Do Data Breach Disclosure Laws Reduce Identity Theft Independent Report 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Financial Services Sector Coordinating Council for Critical Infrastructure Protection 2008-- Research Agenda for the Banking and Finance Sector Independent Report 3.3.2.2 Financial Institutions and Networks,
4.1 Metrics,
4.2.1 Risk Management and Investment
Yes
Center for Strategic and International Studies 2008-- Securing Cyberspace for the 44th Presidency Independent Report 4.7 Public-Private Cooperation,
5.1 Regulation/Liability,
5.4 International Cooperation
Yes
Moore, Tyler 2008-- The Consequence of Non-Cooperation in the Fight Against Phishing Independent Report 3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
Yes
National Cyber Defense Initiative 2009-- National Cyber Defense Financial Services Workshop Report Independent Report 3.3.2.2 Financial Institutions and Networks,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
Yes
Bohme, Rainer 2010-- Modeling Cyber-Insurance Independent Report 4.2.2 Incentives,
4.2.3 Insurance,
,5.2 Private Efforts/Organizations
Yes
Clinton, Larry Undated Cyber-Insurance Metrics and Impact on Cyber-Security Independent Report 4.2.3 Insurance,
5.2 Private Efforts/Organizations
Yes
International Instrument Users Association (WIB) 2010-11-10 WIB Security Standard Released Industry Report 3.3 Security Targets,
5.4 International Cooperation
No
Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America 2011-03-08 Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper Industry Report 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5. Approaches
No
McAfee and Center for Strategic and International Studies (CSIS) 2011-04-21 In the Dark: Crucial Industries Confront Cyberattacks Industry Report 3. Threats and Actors,
3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation
No
Cyber Security Forum Initiative 2011-05-09 Cyber Dawn: Libya Industry Report 3. Threats and Actors,
4. Issues,
5. Approaches
No
National Cyber Security Alliance and Microsoft 2011-05-13 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey Industry Report 4.4 Usability/Human Factors No
McAfee 2011-08-02 Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years Industry Report 3.2.1 States,
3.3 Security Targets,
4.13 Espionage
No
Symantec 2011-10-24 W32.Duqu: The Precursor to the Next Stuxnet Industry Report 3. Threats and Actors,
5.7 Technology
No
Booz Allen Hamilton and the Economist Intelligence Unit 2012-01-15 Cyber Power Index Industry Report 4. Issues,
4.1 Metrics,
5. Approaches
No
McAfee 2012-02-01 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World Industry Report 3. Threats and Actors,
4. Issues,
5. Approaches
No
Business Software Alliance 2012-02-02 [ Global Cloud Computing Scorecard a Blueprint for Economic Opportunity ] Industry Report 3.3.3.3 Cloud Computing No
McAfee and the Security Defense Agenda 2012-02-12 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World Industry Report 1. Overview,
4. Issues,
5. Approaches
No
Microsoft 2012-11-10 Information Security Management System for Microsoft Cloud Infrastructure Industry Report 3.3.3.3 Cloud Computing,
5.2 Private Efforts/Organizations
No
Computer Economics, Inc. 2007-- 2007 Malware Report Industry Report 4.2 Economics of Cybersecurity Yes
Verizon 2010-- 2010 Data Breach Investigations Report Industry Report 3.3.2.2 Financial Institutions and networks,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
Yes
HP TippingPoint DVLabs 2010-- 2010 Top Cyber Security Risks Report Industry report 4.11 Cybercrime,
5.7 Technology
Yes
McAfee, Inc. 2010-- McAfee Threats Report Industry Report 3.2.3 Hacktivists,
3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime
Yes
Symantec Corporation 2010-- Symantec Global Internet Security Threat Report Industry Report 3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
Yes
Trend Micro Incorporated 2010-- Trend Micro Annual Report Industry Report 4.11 Cybercrime Yes
Journal of Strategic Studies 2011-10-05 Cyber War Will Not Take Place Journal Article No
Schmitt Michael N 2002-- Wired warfare: Computer network attack and jus in bello Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Schmitt Michael N 2004-- Direct Participation in Hostilities and 21st Century Armed Conflict Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Thom, Maxie 2006-- Information Warfare Arms Control: Risks and Costs Journal Article 3.2.1 States,
4.12 Cyberwar,
5. Approaches
Yes
Graham David E 2010-- Cyber Threats and the Law of War Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Dunlap Charles J, Jr 2011-- Perspectives for Cyber Strategists on Law for Cyberwar Journal Article 4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
Yes
Schmitt, Michael N. 1999-- Computer Network Attack and the Use of Force in International Law Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Barkham, Jason 2001-- Information Warfare and International Law on the Use of Force Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Swire, Peter P. 2004-- A Model for When Disclosure Helps Security Journal Article 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Aviram, Amitai 2004-- Overcoming Impediments to Information Sharing Journal Article 4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
Yes
Johnson, Vincent R. 2005-- Cybersecurity, Identity Theft, and the Limits of Tort Liability Journal Article 4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
Yes
Powell, Benjamin 2005-- Is Cybersecurity a Public Good Journal Article 4.2 Economics of Cybersecurity,
4.2.5 Market Failure,
5.1 Regulation/Liability
Yes
Granick, Jennifer Stisa 2005-- The Price of Restricting Vulnerability Publications Journal Article 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Brown, Davis 2006-- A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict Journal Article 3.3.2.1 Military networks (.gov),
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Swire, Peter P. 2006-- A Theory of Disclosure for Security and Competitive Reasons Journal Article 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Kobayashi, Bruce H. 2006-- An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods Journal Article 4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.6 Deterrence
Yes
Stohl, Michael 2006-- Cyber Terrorism Journal Article 3.2.3 Hacktivists,
3.2.4 Terrorists,
4.5 Psychology and Politics
Yes
Arora et al. 2006-- Does Information Security Attack Frequency Increase With Vulnerability Disclosure Journal Article 4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure
Yes
Lernard, Thomas M. 2006-- Much Ado About Notification Journal Article 4.6 Information Sharing/Disclosure,
5.1 Regulaiton/Liability
Yes
Anderson, Ross 2006-- The Economics of Information Security Journal Article 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability,
5.7 Technology
Yes
Thomas, Rob 2006-- The Underground Economy Journal Article 3.2.5 Criminals and Criminl Organizations,
3.3.2.2 Financial Institutions and Networks,
4.11 Cybercrime
Yes
Telang, Rahul 2007-- Impact of Software Vulnerability Announcements on the Market Value of Software Vendors Journal Article 4.1 Metrics,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
Yes
Schwartz, Paul 2007-- Notification of Data Security Breaches Journal Article 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Yes
Hollis, Duncan B. 2007-- Why States Need an International Law for Information Operations Journal Article 4.12 Cyberwar,
4.13.1 Government to Government Espionage,
5.5 International Law (including Laws of War)
Yes
Epstein, Richard A. 2008-- Cybersecurity in the Payment Card Industry Journal Article 3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime,
5.1 Regulation/Liability
Yes
Todd, Graham H. 2009-- Armed Attack in Cyberspace Journal Article 3.2.1 States,
4.8 Attribution,
5.5 Internaitonal Law (including Laws of War)
Yes
Korns, Stephen W. 2009-- Cyber Operations Journal Article 4.8 Attribution,
4.12 Cyberwar,
5.6 Deterrence
Yes
Beard, Jack M. 2009-- Law and War in the Virtual Era Journal Article 4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Sklerov, Matthew J. 2009-- Solving the Dilemma of State Responses to Cyberattacks Journal Article 3.2.1 States,
4.8 Attribution,
5.5 Internaitonal Law (including Laws of War)
Yes
Moore, Tyler, et. al 2009-- The Economics of Online Crime Journal Article 3.2.5 Criminals and Criminal Organizations,
3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity
Yes
Watts, Sean 2010-- Combatant Status and Computer Network Attack Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Varian, Hal 2000-- Managing Online Security Risks Article 4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment
Yes
European Network and Information Security Agency 2010-10-07 Stuxnet Analysis Non-U.S. Government Report 3. Threats and Actors,
5.7 Technology
No
European Network and Information Security Agency (ENISA) 2011-04-11 Resilience of the Internet Interconnection Ecosystem, at: Non-U.S. Government Report 3. Threats and Actors,
4. Issues,
5. Approaches
No
Cabinet Office (United Kingdom) 2012-11-11 The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world Non-U.S. Government Report 3. Threats and Actors,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
GAO 2012-02-28 Cybersecurity: Challenges to Securing the Modernized Electricity Grid Non-U.S. Government Report No
van Eeten, Michel J. G. 2008-- Economics of Malware Non-U.S. Government Report 4.2 Economics of Cybersecurity Yes
Dunlap, Charles J. Jr. 2009-- Towards a Cyberspace Legal Regime in the Twenty-First Century Article 4.5 Psychology and Politics,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Anderson, Ross, et. al 2008-- Security Economics and the Internal Market Article 4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.6 Deterrence
Yes
U.S. House Permenant Select Committee on Intelligence 2011-02-10 World Wide Threats U.S. Government Hearing 3.1 The Threat and Skeptics,
5.1 Regulation/Liability,
5.3 Government Organizations
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-02-11 Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
5.1 Regulation/Liability,
5.7 Technology
No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-02-11 What Should the Department of Defense’s Role in Cyber Be? U.S. Government Hearing 3.1 The Threat and Skeptics,
4.12 Cyberwar,
5.3 Government Organizations
No
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-02-17 Homeland Security Department’s Budget Submission for Fiscal Year 2012 U.S. Government Hearing No
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-03-10 Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
U.S. Senate Committee on Energy and Natural Resources 2011-03-15 [ Cybersecurity and Critical Electric Infrastructure (closed)] U.S. Government Hearing 3.3.2.1 Electricity No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-03-16 2012 Budget Request from U.S. Cyber Command U.S. Government Hearing 3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-03-16 Examining the Cyber Threat to Critical Infrastructure and the American Economy U.S. Government Hearing 3.1 The Threat and Skeptics,
3.3 Security Targets,
4.2 Economics of Cybersecurity
No
U.S. Senate Committee on Judiciary 2011-03-30 Oversight of the Federal Bureau of Investigation U.S. Government Hearing 3. Threats and Actors,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power) 2011-03-31 Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs U.S. Government Hearing 4.2 Economics of Cybersecurity,
5.3 Government Organizations
No
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) 2011-04-12 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability
No
U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations) 2011-04-15 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology U.S. Government Hearing 3.2.1 Governments,
4.12 Cyberwar,
4.13 Espionage
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-04-15 DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-05-03 To receive testimony on the health and status of the defense industrial base and its science and technology-related elements U.S. Government Hearing 3.3.1.2 Military Networks (.mil),
4.3 Supply Chain Issues,
5.3 Government Organizations
No
U.S. Senate Committee on Energy and Natural Resources 2011-05-05 Cybersecurity of the Bulk-Power System and Electric Infrastructure U.S. Government Hearing 3.3.2.1 Electricity,
4.7 Public-Private Cooperation
No
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-05-23 Protecting Cyberspace: Assessing the White House Proposal U.S. Government Hearing 3.3 Security Targets,
5.1 Regulation/Liability
No
U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations) 2011-05-25 Cybersecurity: Assessing the Immediate Threat to the United States U.S. Government Hearing 3.1 The Threat and Skeptics,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
No
U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet) 2011-05-25 Cybersecurity: Problems Innovative Solutions to Challenging U.S. Government Hearing 4.7 Public-Private Cooperation,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
No
U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education) 2011-05-25 Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies) 2011-05-26 Unlocking the SAFETY Act’s Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296 Potential to Promote Technology and Combat Terrorism ] U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability,
5.7 Technology
No
U.S. House Committee on Energy and Commerce 2011-05-31 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act U.S. Government Hearing 3.3.2.1 Electricity,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade) 2011-06-02 Sony and Epsilon: Lessons for Data Security Legislation U.S. Government Hearing 4.9 Identity Management,
5.1 Regulation/Liability,
5.2 Private Efforts/Organizations
No
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing) 2011-06-15 Discussion Draft of H.R. _, a bill to require greater protection for sensitive consumer data and timely notification in case of breach U.S. Government Hearing 4.6 Information Sharing/Disclosure,
4.10 Privacy,
5.1 Regulation/Liability
No
U.S. Senate Committee on Banking, Housing and Urban Affairs 2011-06-21 Cybersecurity and Data Protection in the Financial Sector U.S. Government Hearing 3.3.2.2 Financial Institutions and Networks,
4.10 Privacy,
5.1 Regulation/Liability
No
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) 2011-06-21 Cybersecurity: Evaluating the Administration’s Proposals U.S. Government Hearing 1. Overview,
5.1 Regulation/Liability,
5.3 Government Organizations
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-06-24 Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
4.9 Identity Management,
5.3 Government Organizations
No
U.S. House Committee on Financial Services (field hearing in Hoover, AL) 2011-06-29 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information U.S. Government Hearing 3.3.2.2 Financial Institutions and Networks,
5.1 Regulation/Liability
No
U.S. Senate Committee on Commerce, Science and Transportation 2011-06-29 Privacy and Data Security: Protecting Consumers in the Modern World U.S. Government Hearing 4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
No
U.S. House Committee on Oversight and Government Reform 2011-07-07 Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat U.S. Government Hearing 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
U.S. House Committee on Science, Space and Technology 2011-07-21 Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011 U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.1 Regulation/Liability,
5.7 Technology
No
U.S. Senate Committee on Small Business and Entrepreneurship 2011-07-25 Role of Small Business in Strengthening Cybersecurity Efforts in the United States U.S. Government Hearing 4.2.2 Incentives,
4.7 public-Private Cooperation
No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2011-07-26 Cybersecurity: Infrastructure An Overview of Risks to Critical U.S. Government Hearing 3.3.2.1 Electricity,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
U.S. Senate Committee on Judiciary 2011-09-07 Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats U.S. Government Hearing 3.11 Cybercrime,
4.13.2 Industrial Espionage,
5.1 Regulation/Liability
No
U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit) 2011-09-14 Combating Cybercriminals U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
3.3.2.2 Financial Institutions and Networks,
5.7 Government Organizations
No
U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation) 2011-09-21 The Cloud Computing Outlook U.S. Government Hearing 3.3.3.3 Cloud Computing,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
U.S. House Permenant Select Committee on Intelligence 2011-10-04 Cyber Threats and Ongoing Efforts to Protect the Nation U.S. Government Hearing 4.7 Public-Private Cooperation,
4.13.2 Industrial Espionage,
5.4 International Cooperation
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology) 2011-10-06 Cloud Computing: What are the Security Implications? U.S. Government Hearing 3.3.3.3 Cloud Computing,
4.13 Espionage,
5.3 Government Organizations
No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-11-03 Institutionalizing Irregular Warfare Capabilities U.S. Government Hearing 4.12 Cyberwar No
U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security) 2011-11-15 Cybersecurity: Protecting America’s New Frontier U.S. Government Hearing 4.10 Privacy,
4.11 Cybercrime
No
U.S. House Committee on the Judiciary 2011-11-16 Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act) U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability
No
U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology) 2011-12-01 Cyber Security: Protecting Your Small Business U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
No
U.S. House Permenant Select Committee on Intelligence 2011-12-01 Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011 U.S. Government Hearing 4.6 Information Sharing,
5.1 Regulation/Liability
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-12-06 Hearing on Draft Legislative Proposal on Cybersecurity U.S. Government Hearing 3.1 The Threat and Skeptics,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2012-02-01 Consideration and Markup of H.R. 3674 U.S. Government Hearing 4.6 Information Sharing,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
U.S. Senate Committee on Homeland Security and Governmental Affairs 2012-02-16 Securing America’s Future: The Cybersecurity Act of 2012 U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2012-02-28 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security U.S. Government Hearing 3.3.2.1 Electricity,
4.2.1 Risk Management and Investment
No
U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight) 2012-02-29 NASA Cybersecurity: An Examination of the Agency’s Information Security U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
No
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) 2012-03-07 Cybersecurity:Networks The Pivotal Role of Communications U.S. Government Hearing 3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
No
U.S. Senate Committee on Judiciary 2012-03-13 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
No
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2012-03-20 Fiscal 2013 Defense Authorization: IT and Cyber Operations U.S. Government Hearing 4.2.1 Risk Management and Investment,
Government Organizations
No
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2012-03-20 To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program U.S. Government Hearing 4.2.1 Risk Management and Investment,
4.12 Cyberwar,
5.3 Government Organizations
No
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2012-03-27 IT Supply Chain Security: Review of Government and Industry Efforts U.S. Government Hearing 4.3 Supply Chain Issues No
U.S. Senate Committee on Armed Services 2012-03-27 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program. U.S. Government Hearing 3.2.1 States,
4.2 Economics of Cybersecurity,
4.12 Cyberwar
No
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) 2012-03-28 Cybersecurity:Threats to Communications Networks and Public-Sector Responses U.S. Government Hearing 3.3.3 Communications,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) 2012-04-19 The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.3 Government Organizations,
5.7 Technology
No
U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management) 2012-04-24 America is Under Cyber Attack: Why Urgent Action is Needed U.S. Government Hearing 3.1 The Threat and Skeptics,
3.2 Actors and Incentives
No
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) 2012-04-26 Iranian Cyber Threat to U.S. Homeland U.S. Government Hearing 3.2.1 States,
3.3 Security Targets,
4.12 Cyberwar
No
GAO 2004-05-28 Technology Assessment: Cybersecurity for Critical Infrastructure Protection U.S. Government Report 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.7 Technology
No
U.S. Department of Energy, Infrastructure Security and Energy Restoration 2007-01-01 21 Steps to Improve Cyber Security of SCADA Networks U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations,
5.7 Technology
No
Wilson, Clay
CRS
2007-03-20 Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues U.S. Government Report 3.3 Security Targets,
4.12 Cyberwar
No
GAO 2008-07-31 Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability U.S. Government Report 5.3 Government Organizations No
Department of Homeland Security 2009-09-16 National Cyber Leap Year Summit 2009: Co-Chairs' Report U.S. Government Report 3.3 Security Targets,
4.2 Economics of Cybersecurity,
4.8 Attribution
No
GAO 2009-09-24 Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
Federal Communications Commission (FCC) 2010-04-21 Explore the reliability and resiliency of commercial broadband communications networks U.S. Government Report 3.3.3 Communications,
5.1 Regulation/Liability,
5.3 Government Organizations
No
Department of Energy, Idaho National Laboratory 2010-05-01 NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses U.S. Government Report 3.3.2 Private Critical Infrastructure,
5.7 Technology
No
GAO 2010-06-03 Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations
No
General Accountability Office (GAO) 2010-07-15 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed U.S. Government Report 3.3 Security Targets,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
No
National Institute of Standards and Technology (NIST) 2010-09-02 NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines U.S. Government Report 3.3.2.1 Electricity,
5.1 Regulation/Liability,
5.3 Government Organizations
No
White House (Office of Science & Technology Policy) 2010-12-06 Partnership for Cybersecurity Innovation U.S. Government Report 3.3.2.2 Financial Institutions and Networks,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
Kundra, Vivek 2010-12-09 25 Point Implementation Plan to Reform Federal Information Technology Management U.S. Government Report 3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
Kerr, Paul K. et al.
CRS
2010-12-09 The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability U.S. Government Report 3.3 Security Targets,
4.12 Cyberwar,
5.4 International Law (including Laws of War)
No
White House 2010-12-16 Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology U.S. Government Report 3.3.1 Public Critical Infrastructure,
4. Issues,
5. Approaches
No
General Accountability Office (GAO) 2011-01-12 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed U.S. Government Report 3.3.2.1 Electricity,
5.1 Regulation/Liability,
5.3 Government Organizations
No
North American Electric Reliability Corp. (NERC) 2011-01-26 Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security U.S. Government Report 3.3.2.1 Electricity,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
No
Kundra, Vivek 2011-02-08 Federal Cloud Computing Strategy U.S. Government Report 3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
James Clapper, Director of National Intelligence 2011-02-10 Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) U.S. Government Report 3.1 The Threat and Skeptics,
3.2 Actors and Incentives
No
General Accountability Office (GAO) 2011-03-16 Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems U.S. Government Report 3. Threats and Actors,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
U.S. Army War College, Strategy Research Project 2011-03-24 China’s Cyber Power and America’s National Security U.S. Government Report 3.2.1 States,
4.13 Espionage,
5.3 Government Organizations
No
U.S. Army War College 2011-05-09 Cyber Infrastructure Protection U.S. Government Report No
Federal Communications Commission (FCC) 2011-06-03 [-- FCC's Plan for Ensuring the Security of Telecommunications Networks ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt ] U.S. Government Report No
National Science Foundation 2011-08-11 At the Forefront of Cyber Security Research U.S. Government Report 5.7 Technology No
National Initiative for Cybersecurity Education 2011-08-11 National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation U.S. Government Report 1. Overview,
5.3 Government Organizations
No
Office of the National Counterintelligence Executive 2011-11-03 Foreign Spies Stealing US Economic Secrets in Cyberspace U.S. Government Report 3. Threats and Actors,
3.2 Actors and Incentives,
4.13 Espionage
No
Department of Defense 2011-11-15 Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 U.S. Government Report 4.12 Cyberwar,
5.3 Government Organizations,
5.7 Technology
No
National Initiative for Cybersecurity Education (NICE) 2011-11-21 NICE Cybersecurity Workforce Framework U.S. Government Report 4.4 Usability/Human Factors,
5.3 Government Organizations
No
General Accountability Office (GAO) 2011-11-29 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
No
GAO 2012-01-13 Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.7 Public-Private Cooperation
No
National Science Foundation 2012-01-17 Information Security Risk Taking U.S. Government Report 4.1 Metrics,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
Department of Defense 2012-04-11 Cyber Operations Personnel Report (DoD) U.S. Government Report No
Fischer, Eric A.
CRS
2012-04-23 Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability
No
Project on National Security Reform (PNSR) 2012-11-10 The Power of People: Building an Integrated National Security Professional System for the 21st Century U.S. Government Report 4.4 Usability/Human Factors,
5.3 Government Organizations
No
Department of Homeland Security 2007-06 Challenges Remain in Securing the Nation’s Cyber Infrastructure U.S. Government Report 4.6 Information Sharing,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
White House 2009-- Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure U.S. Government Report 1. Overview,
4.7 Public-Private Cooperation
No
Department of Homeland Security 2009-11 A Roadmap for Cybersecurity Research U.S. Government Report 1. Overview,
4.2.1 Risk management and Investment
No
Department of Homeland Security 2010-08 DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
No
Department of Homeland Security 2010-09 National Cyber Incident Response Plan U.S. Government Report 3. Threats and Actors,
5.3 Government Organizations
No
PCAST 2010-12 Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology U.S. Government Report 4.3 Supply Chain Issues,
4.10 Privacy,
5.3 Government Organizations
No
White House 2011-04 National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management
No
Department of Justice 2011-04 The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat U.S. Government Report 4.6 Information Sharing/Disclosure,
4.11 Cybercrime,
5.3 Government Organizations
No
White House 2011-05 International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World U.S. Government Report 1. Overview No
Department of Commerce, Internet Policy Task Force 2011-06 Cybersecurity, Innovation and the Internet Economy U.S. Government Report 4.2 Economics of Cybersecurity,
4.7 Public-Private Cooperation
No
PCAST 2011-06 Report to the President on Ensuring American Leadership in Advanced Manufacturing U.S. Government Report 4.2.1 Risk Management and Investment,
5.3 Government Organizations
No
Energy Sector Control Systems Working Group 2011-09 Roadmap to Achieve Energy Delivery Systems Cybersecurity U.S. Government Report 3.3.2.1 Electricity,
4.7 Public-Private Cooperation
No
Department of Homeland Security 2011-11 Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
No
NSTC 2011-12 Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program U.S. Government Report 5.3 Government Organizations No
White House 2012-01 National Strategy for Global Supply Chain Security U.S. Government Report 4.3 Supply Chain Issues No
White House 2012-02 Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy U.S. Government Report 4.10 Privacy,
5.1 Regulation/Liability
No
Department of Energy 2012-04 The Department's Management of the Smart Grid Investment Grant Program U.S. Government Report 3.3.2.1 Electricity,
4.2.1 Risk Management and Investment
No
GAO 2003-08-27 Efforts to Improve Information sharing Need to Be Strengthened U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
White House/OMB 2009-05-29 Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure U.S. Government Report 4. Issues,
5. Approaches
No
GAO 2009-11-17 Continued Efforts Are Needed to Protect Information Systems from Evolving Threats U.S. Government Report 3.2 Actors and Incentives,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
White House/OMB 2010-03-02 Comprehensive National Cybersecurity Initiative (CNCI) U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
No
GAO 2010-03-05 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
GAO 2010-03-16 Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
GAO 2010-03-24 Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
GAO 2010-04-12 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
No
GAO 2010-06-16 Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
U.S. Navy 2010-06-17 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
No
White House/OMB 2010-06-25 The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
GAO 2010-07-01 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
White House/OMB 2010-07-06 Clarifying Cybersecurity Responsibilities U.S. Government Report 5.3 Government Organizations No
GAO 2010-07-15 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed U.S. Government Report 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.3 Government Organizations
No
U.S. Air Force 2010-07-15 Cyberspace Operations: Air Force Doctrine Document 3-12 U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.12 Cyberwar,
5.3 Government Organizations
No
Quadrennial Defense Review 2010-07-30 The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
No
GAO 2010-08-02 United States Faces Challenges in Addressing Global Cybersecurity and Governance U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperation
No
GAO 2010-09-15 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
GAO 2010-09-23 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
No
GAO 2010-10-06 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed U.S. Government Report 5.1 Regulation/Liability,
5.3 Government Organizations
No
National Research Council, Committee for Advancing Software-Intensive Systems Producibility 2010-10-20 Critical Code: Software Producibility for Defense U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations,
5.7 Technology
No
GAO 2010-11-30 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk U.S. Government Report 3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
No
White House/OMB 2010-12-09 25 Point Implementation Plan to Reform Federal Information Technology Management U.S. Government Report 4.2 Economics of Cybersecurity,
5.3 Government Organizations,
5.7 Technology
No
GAO 2011-01-12 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed U.S. Government Report 3.3.2.1 Electricity,
5.1 Regulation/Liability,
5.3 Government Organizations
No
White House 2011-02-13 Federal Cloud Computing Strategy U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
No
White House/OMB 2011-02-13 Federal Cloud Computing Strategy U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
No
GAO 2011-03-16 Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
No
White House 2011-04-15 Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
White House 2011-04-15 National Strategy for Trusted Identities in Cyberspace U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
White House/OMB 2011-05-12 Cybersecurity Legislative Proposal (Fact Sheet) U.S. Government Report 4. Issues,
5.3 Government Organizations
No
White House/OMB 2011-05-16 International Strategy for Cyberspace U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations,
5.4 International Cooperation
No
Department of Commerce 2011-06-14 Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
GAO 2011-07-08 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
No
Department of Defense 2011-07-14 Department of Defense Strategy for Operating in Cyberspace U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
No
GAO 2011-07-25 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
No
GAO 2011-07-26 Continued Attention Needed to Protect Our Nation’s Critical Infrastructure U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
No
Secretary of the Air Force 2011-07-27 Legal Reviews of Weapons and Cyber Capabilities U.S. Government Report 4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
No
GAO 2011-07-29 Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity,
5.3 Government Organizations
No
General Accountability Office (GAO) 2011-07-29 Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates U.S. Government Report 4.2 Economics of Cybersecurity,
5.3 Government Organizations
No
NIST 2011-09-01 Cloud Computing Reference Architecture U.S. Government Report 3.3.3.3 Cloud Computing No
White House/OMB 2011-09-14 FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
GAO 2011-10-03 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
No
GAO 2011-10-05 Information Security: Additional Guidance Needed to Address Cloud Computing Concerns U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
GAO 2011-10-05 Information Security: Additional Guidance Needed to Address Cloud Computing Concerns U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
White House/OMB 2011-10-07 Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
GAO 2011-10-17 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management U.S. Government Report 5.1 Regulation/Liability,
5.3 Government Organizations
No
GAO 2011-11-29 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: U.S. Government Report 4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
5.3 Government Organizations
No
NIST 2011-12-01 U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
White House/OMB 2011-12-06 Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program U.S. Government Report 5.3 Government Organizations,
5.7 Technology
No
White House/Office of Management and Budget (OMB) 2011-12-08 Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
GAO 2011-12-09 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
No
General Accountability Office (GAO) 2011-12-09 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use U.S. Government Report No
Department of Energy (DOE) Inspector General 2012-01-01 The Department’s Management of the Smart Grid Investment Grant Program U.S. Government Report 3.3.2.1 Electricity,
5.3 Government Organizations
No
Federal CIO Council 2012-01-04 Federal Risk and Authorization Management Program (FedRAMP) U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No
Department of Defense 2012-02-16 DOD Information Security Program: Overview, Classification, and Declassification U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
No
NIST 2012-02-17 Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
No
President's Commission on Critical Infrastructure Protection 1997-- Critical Foundations U.S. Government Report 3.3.2 Private Critical Infrastructure,
3.3.3 Communications,
5.3 Government Organizations
Yes
Department of Defense 1999-- An Assessment of International Legal Issues in Information Operations U.S. Government Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Yes
Department of Homeland Security 2003-- The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
Yes
White House 2003-- The National Strategy to Secure Cyberspace U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperations
Yes
National Infrastructure Advisory Council 2004-- Hardening The Internet U.S. Government Report 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
Yes
National Cyber Security Summit Task Force 2004-- Information Security Governance U.S. Government Report 4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 government Organizations
Yes
United States Secret Service 2004-- Insider Threat Study U.S. Government Report 3.3.2.2 Financial Institutions and Networks,
4.2.2 Incentives,
4.4 Usability/Human Factor
Yes
Department of Defense 2005- Strategy for Homeland Defense and Civil Support U.S. Government Report 3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
Yes
President's Information Technology Advisory Council 2005-- Cyber Security: A Crisis of Prioritization U.S. Government Report 4.2.2 Incentives,
4.7 Public-Private Cooperation,
5.3 Government Organizations
Yes
Deputy Chief of Staff for Intelligence 2006-- Critical Infrastructure Threats and Terrorism U.S. Government Report 3.3 Security Targets,
4.11 Cybercrime,
4.12 Cyberwar
Yes
National Science and Technology Council 2006-- Federal Plan for Cyber Security and Information Assurance Research and Development U.S. Government Report 4.1 Metrics,
4.7 Attribution,
4.8 Public-Private Cooperation
Yes
National Institute of Standards and Technology 2006-- SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security U.S. Government Report 3.3.1 Public Critical Infrastructure,
.2.1 Risk Management and Investment,
5.2 Private Efforts/Organizations
Yes
Department of Defense 2007-- Mission Impact of Foreign Influence on DoD Software U.S. Government Report 3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
Yes
Department of Homeland Security 2009-- A Roadmap for Cybersecurity Research U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
Yes
White House 2009-- Cyberspace Policy Review U.S. Government Report 4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 Government Organizations
Yes
Networking and Information Technology Research and Development 2009-- National Cyber Leap Year Summit 2009, Co-Chairs' Report U.S. Government Report 4.6 Information Sharing/Disclosure,
4.9 Identity Management,
5.7 Technology
Yes
Department of Commerce 2010-- Defense Industrial Base Assessment U.S. Government Report 3.2.5 Criminals and Criminal Organizations,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
Yes
White House 2010-- The Comprehensive National Cybersecurity Initiative U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
Yes
U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) 2010-009 Defending a New Domain U.S. Government Report No
Department of Defense 2011-04 Cyber Operations Personnel Report (DOD) U.S. Government Report No
Department of Energy, Office of Electricity Delivery & Energy Reliability Undated Cybersecurity for Energy Delivery Systems Program U.S. Government Report 3.3.2.1 Electricity,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
No
GAO 2009-07 Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
No
GAO 2009-09 Information Security: Concerted Effort Needed to Improve Federal Performance Measures U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
No
General Services Administration (GSA) 2012-02-07 Concept of Operations: FedRAMP U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
No