Difference between revisions of "Template:Filtered Table"

Latest revision as of 16:03, 25 January 2013

U.S. Government Report

U.S. Government Hearing

Non-U.S. Government Report

Independent Report

Industry Report

Book

Journal Article

Article

1. Overview

3. Threats and Actors

3.1 The Threat and Skeptics

3.2 Actors and Incentives

3.2.1 States

3.2.2 Groups

3.2.3 Hacktivists

3.2.4 Terrorists

3.2.5 Criminals and Criminal Organizations

3.3 Security Targets

3.3.1 Public Critical Infrastructure

3.3.1.1 Government Networks (.gov)

3.3.1.2 Military Networks (.mil)

3.3.2 Private Critical Infrastructure

3.3.2.1 Electricity, Oil and Natural Gas

3.3.2.2 Financial Institutions and Networks

3.3.2.3 Transportation

3.3.2.4 Water, Sewer, etc.

3.3.3 Communications

3.3.3.1 Telephone

3.3.3.2 Public Data Networks

3.3.3.3 Cloud Computing

4. Issues

4.1 Metrics

4.2 Economics of Cybersecurity

4.2.1 Risk Management and Investment

4.2.2 Incentives

4.2.3 Insurance

4.2.4 Behavioral Economics

4.2.5 Market Failure

4.3 Supply Chain Issues

4.4 Usability/Human Factors

4.5 Psychology and Politics

4.6 Information Sharing/Disclosure

4.7 Public-Private Cooperation

4.8 Attribution

4.9 Identity Management

4.10 Privacy

4.11 Cybercrime

4.12 Cyberwar

4.13 Espionage

4.13.1 Government to Government

4.13.2 Industrial

4.13.3 Media Perceptions

5. Approaches

5.1 Regulation/Liability

5.2 Private Efforts/Organizations

5.3 Government Organizations

5.4 International Cooperation

5.5 International Law (including Laws of War)

5.6 Deterrence

5.7 Technology

Author/Agency	Date	Title	Wiki Entry	Type	Category
Aloise, Gene et al.	2008	Nuclear Security	Yes	U.S. Government Report	3.3 Security Targets, 3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure
Anderson, Ross	2001	Why Information Security is Hard	Yes	Independent Report	4.2.1 Risk Management and Investment, 4.2.2 Incentives, 5.1 Regulation/Liability
Anderson, Ross	2006	The Economics of Information Security	Yes	Journal Article	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability, 5.7 Technology
Anderson, Ross J.	2008	Security Engineering	Yes	Book	3.2 Security Targets, 4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
Anderson, Ross, et. al	2008	Security Economics and the Internal Market	Yes	Article	4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.6 Deterrence
Arora et al.	2006	Does Information Security Attack Frequency Increase With Vulnerability Disclosure	Yes	Journal Article	4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure
Aviram, Amitai	2004	Overcoming Impediments to Information Sharing	Yes	Journal Article	4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
Barkham, Jason	2001	Information Warfare and International Law on the Use of Force	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Bauer, Johannes M. and van Eeten, Michel J. G.	2009	Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 4.2.2 Incentives
Beard, Jack M.	2009	Law and War in the Virtual Era	Yes	Journal Article	4.12 Cyberwar, 5.5 International Law (including Laws of War)
Bellovin, Steven M.	2009	The Government and Cybersecurity	Yes	Journal Article	3.2 Actors and Incentives, 4.7Public-Private Cooperation
Besunder, Allison A.	2009	Best Practices for Data Protection and Privacy	Yes	Book	4.6 Information Sharing/Disclosure, 4.10 Privacy, 5.1 Regulation/Liability
Boebert, W. Earl	2010	A Survey of Challenges in Attribution	No	Journal Article	4.8 Attribution, 5.3 Government Organizations, 5.7 Technology
Bohme, Rainer	2005	Cyber-Insurance Revisited	Yes	Independent Report	4.2.2 Incentives, 4.2.3 Insurance, ,4.2.5 Market Failure
Bohme, Rainer	2006	Models and Measures for Correlation in Cyber-Insurance	Yes	Independent Report	4.2.3 Insurance, 5.2 Private Efforts/Organizations
Bohme, Rainer	2010	Modeling Cyber-Insurance	Yes	Independent Report	4.2.2 Incentives, 4.2.3 Insurance, ,5.2 Private Efforts/Organizations
Booz Allen Hamilton and the Economist Intelligence Unit	2012-01-15	Cyber Power Index	No	Industry Report	4. Issues, 4.1 Metrics, 5. Approaches
Bradley, Curtis A. and Goldsmith, Jack L.	2011	Overview of International Law and Institutions	Yes	Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Brown, Davis	2006	A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict	Yes	Journal Article	3.3.1.2 Military Networks (.mil), 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Burstein, Aaron J.	2008	Amending the ECPA to Enable a Culture of Cybersecurity Research	Yes	Journal Article	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
Business Roundtable	2011-10-11	Mission Critical: A Public-Private Strategy for Effective Cybersecurity	No	Independent Report
Business Software Alliance	2012-02-02	Global Cloud Computing Scorecard a Blueprint for Economic Opportunity	No	Industry Report	3.3.3.3 Cloud Computing
Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America	2011-03-08	Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper	No	Industry Report	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5. Approaches
Cabinet Office (United Kingdom)	2011-11-11	The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world	No	Non-U.S. Government Report	3. Threats and Actors, 4.7 Public-Private Cooperation, 5.3 Government Organizations
Camp, L. Jean	2004	Economics of Information Security	Yes	Book	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
Camp, L. Jean	2004	Pricing Security	Yes	Book	4.2.1 Risk Management and Investment, 4.2.2 Incentives
Center for a New American Security	2012-06-11	America’s Cyber Future: Security and Prosperity in the Information Age	No	Independent Report	1. Overview, 4. Issues, 5. Approaches
Center for Strategic and International Studies	2008	Securing Cyberspace for the 44th Presidency	Yes	Independent Report	4.7 Public-Private Cooperation, 5.1 Regulation/Liability, 5.4 International Cooperation
Centre for Secure Information Technologies	2011	World Cybersecurity Technology Research Summit (Belfast 2011)	No	Independent Report
Cetron, Marvin J. and Davies, Owen	2009	World War 3.0: Ten Critical Trends for Cybersecurity	Yes	Journal Article	3.2 Actors and Incentives, 3.3.1 Public Critical Infrastructure, 4.12 Cyberwar
Clark, David and Landau, Susan	2010	Untangling Attribution	No	Journal Article	4.8 Attribution, 5.6 Deterrence, 5.7 Technology
Clarke, Richard A.	2010	Cyber War	Yes	Book	3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar
Clinton, Larry	Undated	Cyber-Insurance Metrics and Impact on Cyber-Security	Yes	Independent Report	4.2.3 Insurance, 5.2 Private Efforts/Organizations
Cloud Security Alliance	2009-12	Security Guidance for Critical Areas of Focus in Cloud Computing V2.1	No	Independent Report	3.3.3.3 Cloud Computing, 4. Issues, 5.2 Private Efforts/Organizations
Cohen, Geoff	2010	Targeting Third Party Collaboration	No	Journal Article	3.1 The Threat and Skeptics, 4.7 Public-Private Cooperation, 4.11 Cybercrime
Computer Economics, Inc.	2007	2007 Malware Report	Yes	Industry Report	4.2 Economics of Cybersecurity
Computing Research Association	2003-	Four Grand Challenges in Trustworthy Computing	Yes	Independent Report	4.4 Usability/Human Factors, 4.6 Information Sharing/Disclosure, 4.9 Identity Management
Cornish, Paul	2009	Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks	Yes	Non-U.S. Government Report	3.2 Actors and Incentives, 5.4 International Cooperation
Cornish, Paul et al.	2009	Cyberspace and the National Security of the United Kingdom - Threats and Responses	Yes	Independent Report	3. Threats and Actors, 4.7 Public-Private Cooperation, 5.3 Government Organizations
Council on Foreign Relations	2010-07-15	Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]	No	Independent Report	3.2 Actors and Incentives, 4.8 Attribution, 5. Approaches
CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies	2011-01	Cybersecurity Two Years Later	No	Independent Report	3. Threats and Actors, 5. Approaches, 5.3 Government Organizations
Cyber Security Forum Initiative	2011-05-09	Cyber Dawn: Libya	No	Industry Report	3. Threats and Actors, 4. Issues, 5. Approaches
Department of Commerce	2011-06-14	Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
Department of Commerce	2010	Defense Industrial Base Assessment	Yes	U.S. Government Report	3.2.5 Criminals and Criminal Organizations, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
Department of Commerce, Internet Policy Task Force	2011-06	Cybersecurity, Innovation and the Internet Economy	No	U.S. Government Report	4.2 Economics of Cybersecurity, 4.7 Public-Private Cooperation
Department of Defense	2011-07-14	Department of Defense Strategy for Operating in Cyberspace	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
Department of Defense	2011-11-15	Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934	No	U.S. Government Report	4.12 Cyberwar, 5.3 Government Organizations, 5.7 Technology
Department of Defense	2012-02-16	DOD Information Security Program: Overview, Classification, and Declassification	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations
Department of Defense	2012-04-11	Cyber Operations Personnel Report (DoD)	No	U.S. Government Report
Department of Defense	1999	An Assessment of International Legal Issues in Information Operations	Yes	U.S. Government Report	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Department of Defense	2005-	Strategy for Homeland Defense and Civil Support	Yes	U.S. Government Report	3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
Department of Defense	2007	Mission Impact of Foreign Influence on DoD Software	Yes	U.S. Government Report	3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
Department of Defense	2011-04	Cyber Operations Personnel Report (DOD)	No	U.S. Government Report
Department of Energy	2012-04	The Department's Management of the Smart Grid Investment Grant Program	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment
Department of Energy (DOE) Inspector General	2012-01-01	The Department’s Management of the Smart Grid Investment Grant Program	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.3 Government Organizations
Department of Energy, Idaho National Laboratory	2010-05-01	NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses	No	U.S. Government Report	3.3.2 Private Critical Infrastructure, 5.7 Technology
Department of Energy, Office of Electricity Delivery & Energy Reliability	Undated	Cybersecurity for Energy Delivery Systems Program	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment, 5.3 Government Organizations
Department of Homeland Security	2009-09-16	National Cyber Leap Year Summit 2009: Co-Chairs' Report	No	U.S. Government Report	3.3 Security Targets, 4.2 Economics of Cybersecurity, 4.8 Attribution
Department of Homeland Security	2007-06	Challenges Remain in Securing the Nation’s Cyber Infrastructure	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.3 Government Organizations
Department of Homeland Security	2009-11	A Roadmap for Cybersecurity Research	No	U.S. Government Report	1. Overview, 4.2.1 Risk Management and Investment
Department of Homeland Security	2010-08	DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems	No	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations
Department of Homeland Security	2010-09	National Cyber Incident Response Plan	No	U.S. Government Report	3. Threats and Actors, 5.3 Government Organizations
Department of Homeland Security	2011-11	Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise	No	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations
Department of Homeland Security	2003	The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets	Yes	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations
Department of Homeland Security	2009	A Roadmap for Cybersecurity Research	Yes	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations
Department of Justice	2011-04	The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.11 Cybercrime, 5.3 Government Organizations
Deputy Chief of Staff for Intelligence	2006	Critical Infrastructure Threats and Terrorism	Yes	U.S. Government Report	3.3 Security Targets, 4.11 Cybercrime, 4.12 Cyberwar
Dörmann, Knut	2004	Applicability of the Additional Protocols to Computer Network Attacks	Yes	Independent Report	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Douglas Maughan	2010	The Need for a National Cybersecurity Research and Development Agenda	Yes	Article	4.7 Public-Private Cooperation, 5.3 Government Organizations
Dunlap Charles J, Jr	2011	Perspectives for Cyber Strategists on Law for Cyberwar	Yes	Journal Article	4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)
Dunlap, Charles J. Jr.	2009	Towards a Cyberspace Legal Regime in the Twenty-First Century	Yes	Article	4.5 Psychology and Politics, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
EastWest Institute	2011-02-03	Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace	No	Independent Report	3.2.1 States, 5.4 International Cooperation, 5.5 International Law (including Laws of War)
Energetics Inc.	2006	Roadmap to Secure Control Systems in the Energy Sector	Yes	Independent Report	3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
Energy Sector Control Systems Working Group	2011-09	Roadmap to Achieve Energy Delivery Systems Cybersecurity	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation
ENISA	2010	Introduction to Country Reports	Yes	Non-U.S. Government Report	3.2.1 States, 5.3 Government Organizations, 5.4 International Cooperation
Epstein, Richard A.	2008	Cybersecurity in the Payment Card Industry	Yes	Journal Article	3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime, 5.1 Regulation/Liability
European Network and Information Security Agency	2010-10-07	Stuxnet Analysis	No	Non-U.S. Government Report	3. Threats and Actors, 5.7 Technology
European Network and Information Security Agency (ENISA)	2011-04-11	Resilience of the Internet Interconnection Ecosystem, at:	No	Non-U.S. Government Report	3. Threats and Actors, 4. Issues, 5. Approaches
Federal CIO Council	2012-01-04	Federal Risk and Authorization Management Program (FedRAMP)	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
Federal Communications Commission (FCC)	2010-04-21	Explore the reliability and resiliency of commercial broadband communications networks	No	U.S. Government Report	3.3.3 Communications, 5.1 Regulation/Liability, 5.3 Government Organizations
Federal Communications Commission (FCC)	2011-06-03	FCC's Plan for Ensuring the Security of Telecommunications Networks	No	U.S. Government Report
Financial Services Sector Coordinating Council for Critical Infrastructure Protection	2008	Research Agenda for the Banking and Finance Sector	Yes	Independent Report	3.3.2.2 Financial Institutions and Networks, 4.1 Metrics, 4.2.1 Risk Management and Investment
Fischer, Eric A. CRS	2012-04-23	Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions	No	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability
Franklin, Jason, et. al	2007	An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants	Yes	Independent Report	3.2.5 Criminals and Criminal Organizations, 4.2 Economics of Cybersecurity, 4.11 Cybercrime
Gandal, Neil	2008	An Introduction to Key Themes in the Economics of Cyber Security	Yes	Book	4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.7 Technology
GAO	2003-08-27	Efforts to Improve Information sharing Need to Be Strengthened	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations
GAO	2004-05-28	Technology Assessment: Cybersecurity for Critical Infrastructure Protection	No	U.S. Government Report	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.7 Technology
GAO	2008-07-31	Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability	No	U.S. Government Report	5.3 Government Organizations
GAO	2009-09-24	Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2009-11-17	Continued Efforts Are Needed to Protect Information Systems from Evolving Threats	No	U.S. Government Report	3.2 Actors and Incentives, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-03-05	Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-03-16	Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-03-24	Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at:	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-04-12	Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
GAO	2010-06-03	Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development	No	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations
GAO	2010-06-16	Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-07-01	Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
GAO	2010-07-15	Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.3 Government Organizations
GAO	2010-08-02	United States Faces Challenges in Addressing Global Cybersecurity and Governance	No	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperation
GAO	2010-09-15	Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010-09-23	DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened	No	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations
GAO	2010-10-06	Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed	No	U.S. Government Report	5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2010-11-30	Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk	No	U.S. Government Report	3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology
GAO	2011-01-12	Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2011-03-16	Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems	No	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2011-07-08	Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain	No	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology
GAO	2011-07-25	Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
GAO	2011-07-26	Continued Attention Needed to Protect Our Nation’s Critical Infrastructure	No	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2011-07-29	Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity, 5.3 Government Organizations
GAO	2011-10-03	Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations
GAO	2011-10-05	Information Security: Additional Guidance Needed to Address Cloud Computing Concerns	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.3.3 Cloud Computing, 5.3 Government Organizations
GAO	2011-10-17	Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management	No	U.S. Government Report	5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2011-11-29	Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at:	No	U.S. Government Report	4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 5.3 Government Organizations
GAO	2011-12-09	Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use	No	U.S. Government Report	3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2012-01-13	Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.7 Public-Private Cooperation
GAO	2012-02-28	Cybersecurity: Challenges to Securing the Modernized Electricity Grid	No	Non-U.S. Government Report
GAO	2009	Critical Infrastructure Protection - Current Cyber Sector-Specific Planning Approach Needs Reassessment	Yes	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.1 Regulation/Liability, 5.3 Government Organizations
GAO	2009-07	Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses	No	U.S. Government Report	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations
GAO	2009-09	Information Security: Concerted Effort Needed to Improve Federal Performance Measures	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
GAO	2010	Information Security - Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies	Yes	U.S. Government Report	3.3.1.1 Government Networks (.gov), 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
GAO	2011-10-05	Information Security: Additional Guidance Needed to Address Cloud Computing Concerns	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
Geer, Daniel E. and Conway, Daniel G.	2010	Nothing Ventured, Nothing Gained	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 4.2.2 Incentives
Gellman, Robert	2010	Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks	No	Journal Article	4.8 Attribution, 4.10 Privacy, 5.1 Regulation/Liability
General Accountability Office (GAO)	2010-07-15	Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed	No	U.S. Government Report	3.3 Security Targets, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
General Accountability Office (GAO)	2011-01-12	Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
General Accountability Office (GAO)	2011-03-16	Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems	No	U.S. Government Report	3. Threats and Actors, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
General Accountability Office (GAO)	2011-07-29	Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates	No	U.S. Government Report	4.2 Economics of Cybersecurity, 5.3 Government Organizations
General Accountability Office (GAO)	2011-11-29	Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations
General Accountability Office (GAO)	2011-12-09	Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use	No	U.S. Government Report
General Services Administration (GSA)	2012-02-07	Concept of Operations: FedRAMP	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
Grady, Mark F.	2006	The Law and Economics of Cybersecurity	Yes	Book	4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
Graham David E	2010	Cyber Threats and the Law of War	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Granick, Jennifer Stisa	2005	The Price of Restricting Vulnerability Publications	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Hollis, Duncan B.	2007	Why States Need an International Law for Information Operations	Yes	Journal Article	4.12 Cyberwar, 4.13.1 Government to Government Espionage, 5.5 International Law (including Laws of War)
HP TippingPoint DVLabs	2010	2010 Top Cyber Security Risks Report	Yes	Industry report	4.11 Cybercrime, 5.7 Technology
IEEE/EastWest Institute	2010-05-26	The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report)	No	Independent Report	3.3.3 Communications, 4.7 Public-Private Cooperation, 5.4 International Cooperation
Institute for Information Infrastructure Protection	2003	Cyber Security Research and Development Agenda	Yes	Independent Report	4.1 Metrics, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
Institute for Science and International Security	2010-12-22	Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment	No	Independent Report	3. Threats and Actors, 3.3 Security Targets, 5.7 Technology
International Instrument Users Association (WIB)	2010-11-10	WIB Security Standard Released	No	Industry Report	3.3 Security Targets, 5.4 International Cooperation
International Telecommunications Union	2012-02-10	ITU Toolkit for Cybercrime Legislation	No	Independent Report
James Clapper, Director of National Intelligence	2011-02-10	Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony)	No	U.S. Government Report	3.1 The Threat and Skeptics, 3.2 Actors and Incentives
Johnson, Eric M.	2008	Managing Information Risk and the Economics of Security	Yes	Book	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
Johnson, Vincent R.	2005	Cybersecurity, Identity Theft, and the Limits of Tort Liability	Yes	Journal Article	4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability
Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum	2009-09-15	National Security Threats in Cyberspace	No	Independent Report
Joseph S. Nye	2010	Cyber Power	Yes	Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Journal of Strategic Studies	2011-10-05	Cyber War Will Not Take Place	No	Journal Article
Kelly A. Gable	2010	Cyber-Apocalypse Now - Securing the Internet Against Cyberterrorism and Using Universal Jurisdiction as a Deterrent	Yes	Journal Article	3.2.4 Terrorists, 3.3 Security Targets, 5.5 International Law (including Laws of War)
Kerr, Paul K. et al. CRS	2010-12-09	The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability	No	U.S. Government Report	3.3 Security Targets, 4.12 Cyberwar, 5.4 International Law (including Laws of War)
Kesan, Jay P. and Hayes, Carol M.	2010	Thinking Through Active Defense in Cyberspace	No	Journal Article	4.2 Economics of Cybersecurity, 5.3 Government Organizations, 5.7 Technology
Kobayashi, Bruce H.	2005	An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and other Public Security Goods	Yes	Journal Article	4.2.1 Risk Management and Investment, 4.2.2 Incentives, 4.7 Public-Private Cooperation
Kobayashi, Bruce H.	2006	An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.6 Deterrence
Korns, Stephen W.	2009	Cyber Operations	Yes	Journal Article	4.8 Attribution, 4.12 Cyberwar, 5.6 Deterrence
Kramer, Franklin D., et. al	2009	Cyberpower and National Security	Yes	Book	1. Overview
Kundra, Vivek	2010-12-09	25 Point Implementation Plan to Reform Federal Information Technology Management	No	U.S. Government Report	3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations
Kundra, Vivek	2011-02-08	Federal Cloud Computing Strategy	No	U.S. Government Report	3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations
Lan, Tang et al.	2010	Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway	Yes	Independent Report	3.2.1 States, 4.12 Cyberwar, 5.6 Deterrence
Lernard, Thomas M.	2005	An Economic Analysis of Notification Requirements for Data Security Breaches	Yes	Independent Report	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Lernard, Thomas M.	2006	Much Ado About Notification	Yes	Journal Article	4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Lewis, James Andrews	2005	Aux armes, citoyens: Cyber Security and Regulation in the United States	Yes	Journal Article	3.3.1 [[Public Critical Infrastructure, 3.3.2.2 Financial Institutions and Networks, 3.3.2.3 Transportation
Libicki, Martin	2010	Pulling Punches in Cyberspace	No	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Lin, Herbert	2012	Cyber Conflict and National Security	No	Article
Lukasik, Stephen J.	2010	A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declatory Policies for these Domain	No	Journal Article	3.2 Actors and Incentives, 5.4 International Cooperation, 5.6 Deterrence
Massachusetts Institute of Technology (MIT)	2011-12-05	The Future of the Electric Grid	No	Independent Report	3.3.2.1 Electricity, Oil and Natural Gas, 4. Issues, 5.1 Regulation/Liability
McAfee	2011-08-02	Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years	No	Industry Report	3.2.1 States, 3.3 Security Targets, 4.13 Espionage
McAfee	2012-02-01	Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World	No	Industry Report	3. Threats and Actors, 4. Issues, 5. Approaches
McAfee and Center for Strategic and International Studies (CSIS)	2011-04-21	In the Dark: Crucial Industries Confront Cyberattacks	No	Industry Report	3. Threats and Actors, 3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation
McAfee and the Security Defense Agenda	2012-02-12	Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World	No	Industry Report	1. Overview, 4. Issues, 5. Approaches
McAfee, Inc.	2010	McAfee Threats Report	Yes	Industry Report	3.2.3 Hacktivists, 3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime
McDermott, Rose	2010	Decision Making Under Uncertainty	No	Journal Article	4.4 Usability/Human Factors, 4.5 Psychology and Politics, 4.8 Attribution
Microsoft	2010-11	Information Security Management System for Microsoft Cloud Infrastructure	No	Industry Report	3.3.3.3 Cloud Computing, 5.2 Private Efforts/Organizations
Mitre Corp (JASON Program Office)	2010-11	Science of Cyber-Security	No	Independent Report	1. Overview, 4. Issues
Moore, Tyler	2010	Introducing the Economics of Cybersecurity: Principles and Policy Options	No	Journal Article	4.2 Economics of Cybersecurity, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
Moore, Tyler	2007	Examining the Impact of Website Take-down on Phishing	Yes	Independent Report	4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.7 Technology
Moore, Tyler	2008	The Consequence of Non-Cooperation in the Fight Against Phishing	Yes	Independent Report	3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure
Moore, Tyler	2009	The Impact of Incentives on Notice and Take-down	Yes	Book	4.2.2 Incentives, 4.11 Cybercrime, 5.4 International Cooperation
Moore, Tyler, et. al	2009	The Economics of Online Crime	Yes	Journal Article	3.2.5 Criminals and Criminal Organizations, 3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity
Morgan, Patrick M.	2010	Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm	No	Journal Article	4.12 Cyberwar, 5.4 International Cooperation, 5.6 Deterrence
National Association of Secretaries of State	2012-01-12	Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices	No	Independent Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
National Cyber Defense Initiative	2009	National Cyber Defense Financial Services Workshop Report	Yes	Independent Report	3.3.2.2 Financial Institutions and Networks, 4.2.1 Risk Management and Investment, 5.3 Government Organizations
National Cyber Security Alliance and Microsoft	2011-05-13	2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey	No	Industry Report	4.4 Usability/Human Factors
National Cyber Security Summit Task Force	2004	Information Security Governance	Yes	U.S. Government Report	4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 government Organizations
National Infrastructure Advisory Council	2004	Hardening The Internet	Yes	U.S. Government Report	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations
National Initiative for Cybersecurity Education	2011-08-11	National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation	No	U.S. Government Report	1. Overview, 5.3 Government Organizations
National Initiative for Cybersecurity Education (NICE)	2011-11-21	NICE Cybersecurity Workforce Framework	No	U.S. Government Report	4.4 Usability/Human Factors, 5.3 Government Organizations
National Institute of Standards and Technology	2006	SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security	Yes	U.S. Government Report	3.3.1 Public Critical Infrastructure, .2.1 Risk Management and Investment, 5.2 Private Efforts/Organizations
National Institute of Standards and Technology (NIST)	2010-09-02	NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
National Research Council	2009	Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities	No	Independent Report
National Research Council	2010-09-21	Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop	No	Independent Report	4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 4.10 Privacy
National Research Council	2010-10-05	Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy	No	Independent Report	3. Threats and Actors, 4. Issues, 5. Approaches
National Research Council	1999	Trust in Cyberspace	Yes	Independent Report	3.3.3.2 Public Data Networks, 4.2.2 Incentives, 4.7 Public-Private Cooperation
National Research Council	2007	Toward a Safer and More Secure Cyberspace	Yes	Independent Report	1. Overview, 4.8 Attribution, 5.6 Deterrence
National Research Council, Committee for Advancing Software-Intensive Systems Producibility	2010-10-20	Critical Code: Software Producibility for Defense	No	Independent Reprot	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations, 5.7 Technology
National Science and Technology Council	2006	Federal Plan for Cyber Security and Information Assurance Research and Development	Yes	U.S. Government Report	4.1 Metrics, 4.7 Attribution, 4.8 Public-Private Cooperation
National Science Foundation	2011-08-11	At the Forefront of Cyber Security Research	No	U.S. Government Report	5.7 Technology
National Science Foundation	2012-01-17	Information Security Risk Taking	No	U.S. Government Report	4.1 Metrics, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
National Security Cyberspace Institute	2012-07-11	Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies	No	Independent Report
National Security Initiative	2010-10-18	American Security Challenge	No	Independent Report
Networking and Information Technology Research and Development	2009	National Cyber Leap Year Summit 2009, Co-Chairs' Report	Yes	U.S. Government Report	4.6 Information Sharing/Disclosure, 4.9 Identity Management, 5.7 Technology
NIST	2011-09-01	Cloud Computing Reference Architecture	No	U.S. Government Report	3.3.3.3 Cloud Computing
NIST	2011-12-01	U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
NIST	2012-02-17	Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
Nojeim, Gregory T.	2009	Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace	Yes	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 4.10 Privacy, 5.1 Regulation/Liability
North American Electric Reliability Corp. (NERC)	2011-01-26	Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security	No	U.S. Government Report	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
NSTC	2011-12	Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program	No	U.S. Government Report	5.3 Government Organizations
Nye, Joseph	2010	Cyber Power	Yes	Book	4.12 Cyberwar, 4.13 Espionage, 5.5 International Law (including Laws of War)
OECD	2009	Cybersecurity and Economic Incentives	Yes	Non-U.S. Government Report	4.2 Economics of Cybersecurity, 4.2.2 Incentives
OECD	2009	The Market Consequences of Cybersecurity	Yes	Non-U.S. Government Report	4.2 Economics of Cybersecurity, 4.2.2 Incentives
Office of the National Counterintelligence Executive	2011-11-03	Foreign Spies Stealing US Economic Secrets in Cyberspace	No	U.S. Government Report	3. Threats and Actors, 3.2 Actors and Incentives, 4.13 Espionage
Organisation for Economic Co-operation and Development (OECD)	2010-11-12	The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data	No	Independent Report	3. Threats and Actors, 5.7 Technology
Organization for Economic Co-operation and Development (OECD)	2012-01-10	ICT Applications for the Smart Grid: Opportunities and Policy Implications	No	Independent Report
PCAST	2010-12	Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology	No	U.S. Government Report	4.3 Supply Chain Issues, 4.10 Privacy, 5.3 Government Organizations
PCAST	2011-06	Report to the President on Ensuring American Leadership in Advanced Manufacturing	No	U.S. Government Report	4.2.1 Risk Management and Investment, 5.3 Government Organizations
Perkins, Earl	2009	Evolving Cybersecurity Issues in the Utility Industry	Yes	Independent Report	3.3.2 Private Critical Infrastructure, 3.3.2.4 Water, Sewer, etc., 4.7 Public-Private Cooperation
Pew Research Center’s Internet & American Life Project	2010-06-11	The future of cloud computing	No	Independent Report	3.3.3.3 Cloud Computing
Powell, Benjamin	2005	Is Cybersecurity a Public Good	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.2.5 Market Failure, 5.1 Regulation/Liability
President's Commission on Critical Infrastructure Protection	1997	Critical Foundations	Yes	U.S. Government Report	3.3.2 Private Critical Infrastructure, 3.3.3 Communications, 5.3 Government Organizations
President's Information Technology Advisory Council	2005	Cyber Security: A Crisis of Prioritization	Yes	U.S. Government Report	4.2.2 Incentives, 4.7 Public-Private Cooperation, 5.3 Government Organizations
Project on National Security Reform (PNSR)	2010-11	The Power of People: Building an Integrated National Security Professional System for the 21st Century	No	U.S. Government Report	4.4 Usability/Human Factors, 5.3 Government Organizations
Quadrennial Defense Review	2010-07-30	The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report)	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
RAND	2011-12-21	A Cyberworm that Knows No Boundaries	No	Independent Report	3. Threats and Actors, 5.3 Government Organizations, 5.7 Technology
Rattray, Gregory and Healey, Jason	2010	Categorizing and Understanding Offensive Cyber Capabilities and Their Use	No	Journal Article	3.1 The Threat and Skeptics, 3.3 Security Targets, 4.12 Cyberwar
Rollins, John and Wilson, Clay	2007	Terrorist Capabilities for Cyberattack	Yes	U.S. Government Report	3.2.4 Terrorists, 3.3 Security Targets, 4.2.2 Incentives
Romanosky et al.	2008	Do Data Breach Disclosure Laws Reduce Identity Theft	Yes	Independent Report	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Rosenzweig, Paul	2010	The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence	No	Journal Article	4.3 Supply Chain Issues, 4.7 Public-Private Cooperation, 5.3 Government Organizations
Rotenberg et. al.	2010	The Cyber War Threat Has Been Grossly Exaggerated	Yes	Article	3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar
Rue, Rachel and Pfleeger, Shari Lawrence	2009	Making the Best Use of Cybersecurity Economic Models	Yes	Journal Article	4.1 Metrics, 4.2.1 Risk Management and Investment
Santos, Joost R., et. al	2007	A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies	Yes	Journal Article	3.3.2 Private Critical Infrastructure, 4.1 Metrics
Schmitt Michael N	2002	Wired warfare: Computer network attack and jus in bello	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Schmitt Michael N	2004	Direct Participation in Hostilities and 21st Century Armed Conflict	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Schmitt, Michael N.	1999	Computer Network Attack and the Use of Force in International Law	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Schmitt, Michael N.	2010	Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts	No	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Schmitt, Michael N., et. al	2004	Computers and War	Yes	Independent Report	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
Schneidewind, Norman	2010	Metrics for Mitigating Cybersecurity Threats to Networks	Yes	Journal Article	4.1 Metrics
Schneier, Bruce	2003	Beyond Fear	Yes	Book	3.2 Actors and Incentives, 4.5 Psychology and Politics, 5.6 Deterrence
Schneier, Bruce	2008	Schneier on Security	Yes	Book	3.2 Actors and Incentives, 4.4 Usability/Human Factors, 5.1 Regulation/Liability
Schwartz, Paul	2007	Notification of Data Security Breaches	Yes	Journal Article	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Secretary of the Air Force	2011-07-27	Legal Reviews of Weapons and Cyber Capabilities	No	U.S. Government Report	4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)
Shackelford, Scott J.	2010	Estonia Three Years Later	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar
Shah, Shashi K.	2004	The Evolving Landscape of Maritime Cybersecurity	Yes	Journal Article	3.3.1 Public Critical Infrastructure, 3.3.2.3 Transportation
Sklerov, Matthew J.	2009	Solving the Dilemma of State Responses to Cyberattacks	Yes	Journal Article	3.2.1 States, 4.8 Attribution, 5.5 International Law (including Laws of War)
Sofaer, Abraham; Clark, David; and Diffie, Whitfield	2010	Cyber Security and International Cooperation	No	Journal Article	5.1 Regulation/Liability, 5.4 International Cooperation, 5.5 International Law (including Laws of War)
Software and Information Industry Association (SAII)	2011-07-26	Guide to Cloud Computing for Policy Makers	No	Independent Report	3.3.3.3 Cloud Computing, 5.1 Regulation/Liability, 5.7 Technology
Stohl, Michael	2006	Cyber Terrorism	Yes	Journal Article	3.2.3 Hacktivists, 3.2.4 Terrorists, 4.5 Psychology and Politics
Stuart Madnick et al.	2009	Experiences and Challenges with Using CERT Data to Analyze International Cyber Security	Yes	Journal Article	4.6 Information Sharing/Disclosure, 5.4 International Cooperation
Swire, Peter P.	2004	A Model for When Disclosure Helps Security	Yes	Journal Article	4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Swire, Peter P.	2006	A Theory of Disclosure for Security and Competitive Reasons	Yes	Journal Article	4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
Symantec	2011-10-24	W32.Duqu: The Precursor to the Next Stuxnet	No	Industry Report	3. Threats and Actors, 5.7 Technology
Symantec Corporation	2010	Symantec Global Internet Security Threat Report	Yes	Industry Report	3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.11 Cybercrime
Telang, Rahul	2007	Impact of Software Vulnerability Announcements on the Market Value of Software Vendors	Yes	Journal Article	4.1 Metrics, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure
Theohary, Catherine A. and Rollins, John	2010	Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress	Yes	U.S. Government Report	4.7 Public-Private Cooperation, 5.1 Regulation/Liability, 5.3 Government Organizations
Thom, Maxie	2006	Information Warfare Arms Control: Risks and Costs	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5. Approaches
Thomas, Rob	2006	The Underground Economy	Yes	Journal Article	3.2.5 Criminals and Criminal Organizations, 3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime
Threat Level Blog (Wired)	2010-12-27	A Four-Day Dive Into Stuxnet’s Heart	No	Independent Report	3. Threats and Actors, 5.7 Technology
Todd, Graham H.	2009	Armed Attack in Cyberspace	Yes	Journal Article	3.2.1 States, 4.8 Attribution, 5.5 International Law (including Laws of War)
Trend Micro Incorporated	2010	Trend Micro Annual Report	Yes	Industry Report	4.11 Cybercrime
U.S. Air Force	2010-07-15	Cyberspace Operations: Air Force Doctrine Document 3-12	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 4.12 Cyberwar, 5.3 Government Organizations
U.S. Army War College	2011-05-09	Cyber Infrastructure Protection	No	U.S. Government Report
U.S. Army War College, Strategy Research Project	2011-03-24	China’s Cyber Power and America’s National Security	No	U.S. Government Report	3.2.1 States, 4.13 Espionage, 5.3 Government Organizations
U.S. Department of Energy, Infrastructure Security and Energy Restoration	2007-01-01	21 Steps to Improve Cyber Security of SCADA Networks	No	U.S. Government Report	3.3 Security Targets, 5.3 Government Organizations, 5.7 Technology
U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs)	2010-009	Defending a New Domain	No	U.S. Government Report
U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)	2011-03-31	Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs	No	U.S. Government Hearing	4.2 Economics of Cybersecurity, 5.3 Government Organizations
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-02-11	What Should the Department of Defense’s Role in Cyber Be?	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 4.12 Cyberwar, 5.3 Government Organizations
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-03-16	2012 Budget Request from U.S. Cyber Command	No	U.S. Government Hearing	3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-11-03	Institutionalizing Irregular Warfare Capabilities	No	U.S. Government Hearing	4.12 Cyberwar
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2012-03-20	Fiscal 2013 Defense Authorization: IT and Cyber Operations	No	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.3 Government Organizations
U.S. House Committee on Energy and Commerce	2011-05-31	Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act	No	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)	2011-06-02	Sony and Epsilon: Lessons for Data Security Legislation	No	U.S. Government Hearing	4.9 Identity Management, 5.1 Regulation/Liability, 5.2 Private Efforts/Organizations
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)	2011-06-15	Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach	No	U.S. Government Hearing	4.6 Information Sharing/Disclosure, 4.10 Privacy, 5.1 Regulation/Liability
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)	2012-03-07	Cybersecurity:Networks The Pivotal Role of Communications	No	U.S. Government Hearing	3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)	2012-03-28	Cybersecurity:Threats to Communications Networks and Public-Sector Responses	No	U.S. Government Hearing	3.3.3 Communications, 4.7 Public-Private Cooperation, 5.3 Government Organizations
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2011-07-26	Cybersecurity: Infrastructure An Overview of Risks to Critical	No	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.3 Government Organizations
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2012-02-28	Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security	No	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)	2012-03-27	IT Supply Chain Security: Review of Government and Industry Efforts	No	U.S. Government Hearing	4.3 Supply Chain Issues
U.S. House Committee on Financial Services (field hearing in Hoover, AL)	2011-06-29	Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information	No	U.S. Government Hearing	3.3.2.2 Financial Institutions and Networks, 5.1 Regulation/Liability
U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)	2011-09-14	Combating Cybercriminals	No	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 3.3.2.2 Financial Institutions and Networks, 5.7 Government Organizations
U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)	2011-04-15	Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology	No	U.S. Government Hearing	3.2.1 States, 4.12 Cyberwar, 4.13 Espionage
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)	2012-04-19	The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development	No	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.3 Government Organizations, 5.7 Technology
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)	2012-04-26	Iranian Cyber Threat to U.S. Homeland	No	U.S. Government Hearing	3.2.1 States, 3.3 Security Targets, 4.12 Cyberwar
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-02-11	Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities	No	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 5.1 Regulation/Liability, 5.7 Technology
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-03-16	Examining the Cyber Threat to Critical Infrastructure and the American Economy	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.3 Security Targets, 4.2 Economics of Cybersecurity
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-04-15	DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure	No	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-06-24	Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal	No	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 4.9 Identity Management, 5.3 Government Organizations
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2011-12-06	Hearing on Draft Legislative Proposal on Cybersecurity	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)	2012-02-01	Consideration and Markup of H.R. 3674	No	U.S. Government Hearing	4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)	2011-10-06	Cloud Computing: What are the Security Implications?	No	U.S. Government Hearing	3.3.3.3 Cloud Computing, 4.13 Espionage, 5.3 Government Organizations
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)	2011-05-26	Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism	No	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability, 5.7 Technology
U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)	2012-04-24	America is Under Cyber Attack: Why Urgent Action is Needed	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.2 Actors and Incentives
U.S. House Committee on Oversight and Government Reform	2011-07-07	Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat	No	U.S. Government Hearing	3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations
U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)	2011-05-25	Cybersecurity: Assessing the Immediate Threat to the United States	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
U.S. House Committee on Science, Space and Technology	2011-07-21	Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011	No	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.1 Regulation/Liability, 5.7 Technology
U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)	2011-05-25	Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts	No	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology
U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)	2012-02-29	NASA Cybersecurity: An Examination of the Agency’s Information Security	No	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)	2011-09-21	The Cloud Computing Outlook	No	U.S. Government Hearing	3.3.3.3 Cloud Computing, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)	2011-12-01	Cyber Security: Protecting Your Small Business	No	U.S. Government Hearing	4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
U.S. House Committee on the Judiciary	2011-11-16	Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)	No	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability
U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)	2011-11-15	Cybersecurity: Protecting America’s New Frontier	No	U.S. Government Hearing	4.10 Privacy, 4.11 Cybercrime
U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)	2011-05-25	Cybersecurity: Problems Innovative Solutions to Challenging	No	U.S. Government Hearing	4.7 Public-Private Cooperation, 4.11 Cybercrime, 5.2 Private Efforts/Organizations
U.S. House Permenant Select Committee on Intelligence	2011-02-10	World Wide Threats	No	U.S. Government Hearing	3.1 The Threat and Skeptics, 5.1 Regulation/Liability, 5.3 Government Organizations
U.S. House Permenant Select Committee on Intelligence	2011-10-04	Cyber Threats and Ongoing Efforts to Protect the Nation	No	U.S. Government Hearing	4.7 Public-Private Cooperation, 4.13.2 Industrial Espionage, 5.4 International Cooperation
U.S. House Permenant Select Committee on Intelligence	2011-12-01	Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011	No	U.S. Government Hearing	4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
U.S. Navy	2010-06-17	DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance	No	U.S. Government Report	3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
U.S. Senate Committee on Armed Services	2012-03-27	To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.	No	U.S. Government Hearing	3.2.1 States, 4.2 Economics of Cybersecurity, 4.12 Cyberwar
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2011-05-03	To receive testimony on the health and status of the defense industrial base and its science and technology-related elements	No	U.S. Government Hearing	3.3.1.2 Military Networks (.mil), 4.3 Supply Chain Issues, 5.3 Government Organizations
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)	2012-03-20	To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program	No	U.S. Government Hearing	4.2.1 Risk Management and Investment, 4.12 Cyberwar, 5.3 Government Organizations
U.S. Senate Committee on Banking, Housing and Urban Affairs	2011-06-21	Cybersecurity and Data Protection in the Financial Sector	No	U.S. Government Hearing	3.3.2.2 Financial Institutions and Networks, 4.10 Privacy, 5.1 Regulation/Liability
U.S. Senate Committee on Commerce, Science and Transportation	2011-06-29	Privacy and Data Security: Protecting Consumers in the Modern World	No	U.S. Government Hearing	4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability
U.S. Senate Committee on Energy and Natural Resources	2011-03-15	[ Cybersecurity and Critical Electric Infrastructure (closed)]	No	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas
U.S. Senate Committee on Energy and Natural Resources	2011-05-05	Cybersecurity of the Bulk-Power System and Electric Infrastructure	No	U.S. Government Hearing	3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-02-17	Homeland Security Department’s Budget Submission for Fiscal Year 2012	No	U.S. Government Hearing
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-03-10	Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration	No	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
U.S. Senate Committee on Homeland Security and Governmental Affairs	2011-05-23	Protecting Cyberspace: Assessing the White House Proposal	No	U.S. Government Hearing	3.3 Security Targets, 5.1 Regulation/Liability
U.S. Senate Committee on Homeland Security and Governmental Affairs	2012-02-16	Securing America’s Future: The Cybersecurity Act of 2012	No	U.S. Government Hearing	3.3.2 Private Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
U.S. Senate Committee on Judiciary	2011-03-30	Oversight of the Federal Bureau of Investigation	No	U.S. Government Hearing	3. Threats and Actors, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
U.S. Senate Committee on Judiciary	2011-09-07	Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats	No	U.S. Government Hearing	3.11 Cybercrime, 4.13.2 Industrial Espionage, 5.1 Regulation/Liability
U.S. Senate Committee on Judiciary	2012-03-13	The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know	No	U.S. Government Hearing	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)	2011-04-12	Cyber Security: Responding to the Threat of Cyber Crime and Terrorism	No	U.S. Government Hearing	4.11 Cybercrime, 5.1 Regulation/Liability
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)	2011-06-21	Cybersecurity: Evaluating the Administration’s Proposals	No	U.S. Government Hearing	1. Overview, 5.1 Regulation/Liability, 5.3 Government Organizations
U.S. Senate Committee on Small Business and Entrepreneurship	2011-07-25	Role of Small Business in Strengthening Cybersecurity Efforts in the United States	No	U.S. Government Hearing	4.2.2 Incentives, 4.7 public-Private Cooperation
United States Secret Service	2004	Insider Threat Study	Yes	U.S. Government Report	3.3.2.2 Financial Institutions and Networks, 4.2.2 Incentives, 4.4 Usability/Human Factors
University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research	2011-01-13	Design of the DETER Security Testbed	No	Independent Report	5.3 Government Organizations, 5.7 Technology
van Eeten, Michael and Bauer, Johannes M.	2009	Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications	Yes	Journal Article	3.3.1.1 Government Networks (.gov), 4.2 Economics of Cybersecurity, 4.11 Cybercrime
van Eeten, Michel J. G.	2008	Economics of Malware	Yes	Non-U.S. Government Report	4.2 Economics of Cybersecurity
Varian, Hal	2000	Managing Online Security Risks	Yes	Article	4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment
Varian, Hal	2004	System Reliability and Free Riding	Yes	Book	4.2 Economics of Cybersecurity
Vatis, Michael A.	2010	The Council of Europe Convention on Cybercrime	No	Journal Article	4.11 Cybercrime, 5.5 International Law (including Laws of War), 5.6 Deterrence
Verizon	2010	2010 Data Breach Investigations Report	Yes	Industry Report	3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime, 5.2 Private Efforts/Organizations
Watts, Sean	2010	Combatant Status and Computer Network Attack	Yes	Journal Article	3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
White House	2009	Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure	No	U.S. Government Report	1. Overview, 4.7 Public-Private Cooperation
White House	2011-04	National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management
White House	2011-05	International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World	No	U.S. Government Report	1. Overview
White House	2012-01	National Strategy for Global Supply Chain Security	No	U.S. Government Report	4.3 Supply Chain Issues
White House	2012-02	Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy	No	U.S. Government Report	4.10 Privacy, 5.1 Regulation/Liability
White House	2010-12-16	Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4. Issues, 5. Approaches
White House	2011-02-13	Federal Cloud Computing Strategy	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology
White House	2011-04-15	Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
White House	2011-04-15	National Strategy for Trusted Identities in Cyberspace	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
White House	2003	The National Strategy to Secure Cyberspace	Yes	U.S. Government Report	4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperation
White House	2009	Cyberspace Policy Review	Yes	U.S. Government Report	4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 Government Organizations
White House	2010	The Comprehensive National Cybersecurity Initiative	Yes	U.S. Government Report	3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations
White House (Office of Science & Technology Policy)	2010-12-06	Partnership for Cybersecurity Innovation	No	U.S. Government Report	3.3.2.2 Financial Institutions and Networks, 4.7 Public-Private Cooperation, 5.3 Government Organizations
White House/Office of Management and Budget (OMB)	2011-12-08	Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP)	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations
White House/OMB	2009-05-29	Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure	No	U.S. Government Report	4. Issues, 5. Approaches
White House/OMB	2010-03-02	Comprehensive National Cybersecurity Initiative (CNCI)	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
White House/OMB	2010-06-25	The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy	No	U.S. Government Report	4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
White House/OMB	2010-07-06	Clarifying Cybersecurity Responsibilities	No	U.S. Government Report	5.3 Government Organizations
White House/OMB	2010-12-09	25 Point Implementation Plan to Reform Federal Information Technology Management	No	U.S. Government Report	4.2 Economics of Cybersecurity, 5.3 Government Organizations, 5.7 Technology
White House/OMB	2011-02-13	Federal Cloud Computing Strategy	No	U.S. Government Report	3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology
White House/OMB	2011-05-12	Cybersecurity Legislative Proposal (Fact Sheet)	No	U.S. Government Report	4. Issues, 5.3 Government Organizations
White House/OMB	2011-05-16	International Strategy for Cyberspace	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations, 5.4 International Cooperation
White House/OMB	2011-09-14	FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa	No	U.S. Government Report	4.6 Information Sharing/Disclosure, 5.3 Government Organizations
White House/OMB	2011-10-07	Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information	No	U.S. Government Report	3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
White House/OMB	2011-12-06	Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program	No	U.S. Government Report	5.3 Government Organizations, 5.7 Technology
Wilshusen, Gregory C. and Powner, David A.	2009	Continued Efforts Are Needed to Protect Information Systems from Evolving Threats	Yes	U.S. Government Hearing	3.3.1.1 Government Networks (.gov), 5.1 Regulation/Liability, 5.3 Government Organizations
Wilson, Clay	2007-03-20	Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues	No	U.S. Government Report	3.3 Security Targets, 4.12 Cyberwar
Zittrain, Jonathan L.	2008	The Future of the Internet and How To Stop It	Yes	Book	4.4 Usability/Human Factors, 5.1 Regulation/Liability
Centre for Secure Information Technologies	2012	2nd World Cyber security Technology Research Summit (Belfast 2012)	No	Independent Report

Difference between revisions of "Template:Filtered Table"

Latest revision as of 16:03, 25 January 2013

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

Tools

@@ Line 130: / Line 130: @@
 ! align="center" style="background-color:#f0f0f0;"|'''Date'''
 ! align="center" style="background-color:#f0f0f0;"|'''Title'''
+! align="center" style="background:#f0f0f0;"|'''Wiki Entry'''
 ! align="center" style="background:#f0f0f0;"|'''Type'''
 ! align="center" style="background:#f0f0f0;"|'''Category'''
-! align="center" style="background:#f0f0f0;"|'''Wiki Entry'''
 |-
 |-
-| Schneier, Bruce ||2003||[[Beyond_Fear|Beyond Fear ]]||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]]||Yes
+| Aloise, Gene et al.||2008||[[Nuclear_Security|Nuclear Security]]||Yes||U.S. Government Report||3.3 [[Security Targets]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]]
+|-
+| Anderson, Ross ||2001||[[Why_Information_Security_is_Hard|Why Information Security is Hard ]]||Yes||Independent Report ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]]
+|-
+| Anderson, Ross ||2006||[[The_Economics_of_Information_Security|The Economics of Information Security ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]
+|-
+| Anderson, Ross J. ||2008||[[Security_Engineering|Security Engineering ]]||Yes||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]
+|-
+| Anderson, Ross, et. al ||2008||[[Security_Economics_and_the_Internal_Market|Security Economics and the Internal Market ]]||Yes||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]]
+|-
+| Arora et al. ||2006||[[Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure|Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]]||Yes||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]]
+|-
+| Aviram, Amitai ||2004||[[Overcoming_Impediments_to_Information_Sharing|Overcoming Impediments to Information Sharing ]]||Yes||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]
+|-
+| Barkham, Jason ||2001||[[Information_Warfare_and_International_Law_on_the_Use_of_Force|Information Warfare and International Law on the Use of Force ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
+|-
+| Bauer, Johannes M. and van Eeten, Michel J. G.||2009||[[Cybersecurity|Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options]]||Yes||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]
+|-
+| Beard, Jack M. ||2009||[[Law_and_War_in_the_Virtual_Era|Law and War in the Virtual Era ]]||Yes||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
+|-
+| Bellovin, Steven M.||2009||[[The_Government_and_Cybersecurity|The Government and Cybersecurity]]||Yes||Journal Article||3.2 [[Actors and Incentives]],<br>4.7[[Public-Private Cooperation]]
+|-
+| Besunder, Allison A.||2009||[[Best_Practices_for_Data_Protection_and_Privacy|Best Practices for Data Protection and Privacy]]||Yes||Book||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
+|-
+| Boebert, W. Earl||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059366.pdf A Survey of Challenges in Attribution]||No||Journal Article||4.8 [[Attribution]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
+|-
+| Bohme, Rainer ||2005||[[Cyber-Insurance_Revisited|Cyber-Insurance Revisited ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]]
+|-
+| Bohme, Rainer ||2006||[[Models_and_Measures_for_Correlation_in_Cyber-Insurance|Models and Measures for Correlation in Cyber-Insurance ]]||Yes||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]
+|-
+| Bohme, Rainer ||2010||[[Modeling_Cyber-Insurance|Modeling Cyber-Insurance ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]]
+|-
+| Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||No||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]]
+|-
+| Bradley, Curtis A. and Goldsmith, Jack L.||2011||[[Overview_of_International_Law_and_Institutions|Overview of International Law and Institutions]]||Yes||Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
+|-
+| Brown, Davis ||2006||[[A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict|A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]]||Yes||Journal Article ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
+|-
+| Burstein, Aaron J.||2008||[[Amending_The_ECPA_To_Enable_a_Culture_of_Cybersecurity_Research|Amending the ECPA to Enable a Culture of Cybersecurity Research]]||Yes||Journal Article||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]
+|-
+| Business Roundtable||2011-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||No||Independent Report||
+|-
+| Business Software Alliance ||2012-02-02||Global Cloud Computing Scorecard a Blueprint for Economic Opportunity||No||Industry Report||3.3.3.3 [[Cloud Computing]]
+|-
+| Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||No||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]]
+|-
+| Cabinet Office (United Kingdom) ||2011-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
+|-
+| Camp, L. Jean ||2004||[[Economics_of_Information_Security|Economics of Information Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]
+|-
+| Camp, L. Jean ||2004||[[Pricing_Security|Pricing Security ]]||Yes||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]
+|-
+| Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||No||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]
+|-
+| Center for Strategic and International Studies ||2008||[[Securing_Cyberspace_for_the_44th_Presidency|Securing Cyberspace for the 44th Presidency ]]||Yes||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]]
+|-
+| Centre for Secure Information Technologies||2011||[http://www.csit.qub.ac.uk/sites/CSIT/InnovationatCSIT/Reports/Filetoupload,295594,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||No||Independent Report||
+|-
+| Cetron, Marvin J. and Davies, Owen||2009||[[World_War_3.0:_Ten_Critical_Trends_for_Cybersecurity|World War 3.0: Ten Critical Trends for Cybersecurity]]||Yes||Journal Article||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.12 [[Cyberwar]]
+|-
+| Clark, David and Landau, Susan||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059365.pdf Untangling Attribution]||No||Journal Article||4.8 [[Attribution]],<br>5.6 [[Deterrence]],<br>5.7 [[Technology]]
+|-
+| Clarke, Richard A. ||2010||[[Cyber_War|Cyber War ]]||Yes||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]
+|-
+| Clinton, Larry ||Undated ||[[Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security|Cyber-Insurance Metrics and Impact on Cyber-Security ]]||Yes||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]
+|-
+| Cloud Security Alliance ||2009-12||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||No||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]]
+|-
+| Cohen, Geoff||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059445.pdf Targeting Third Party Collaboration]||No||Journal Article||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]]
+|-
+| Computer Economics, Inc. ||2007||[[2007_Malware_Report|2007 Malware Report ]]||Yes||Industry Report ||4.2 [[Economics of Cybersecurity]]
+|-
+| Computing Research Association ||2003-||[[Four_Grand_Challenges_in_Trustworthy_Computing|Four Grand Challenges in Trustworthy Computing ]]||Yes||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]]
+|-
+| Cornish, Paul||2009||[[Cyber_Security_and_Politically,_Socially_and_Religiously_Motivated_Cyber_Attacks|Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks]]||Yes||Non-U.S. Government Report||3.2 [[Actors and Incentives]],<br>5.4 [[International Cooperation]]
+|-
+| Cornish, Paul et al.||2009||[[Cyberspace_and_the_National_Security_of_the_United_Kingdom|Cyberspace and the National Security of the United Kingdom - Threats and Responses]]||Yes||Independent Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
+|-
+| Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]]||No||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]]
+|-
+| CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||No||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]]
+|-
+| Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||No||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]
+|-
+| Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
+|-
+| Department of Commerce ||2010||[[Defense_Industrial_Base_Assessment|Defense Industrial Base Assessment ]]||Yes||U.S. Government Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]
+|-
+| Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||No||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]]
+|-
+| Department of Defense ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]
+|-
+| Department of Defense ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||No||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
+|-
+| Department of Defense ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
+|-
+| Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||No||U.S. Government Report||
+|-
+| Department of Defense ||1999||[[An_Assessment_of_International_Legal_Issues_in_Information_Operations|An Assessment of International Legal Issues in Information Operations ]]||Yes||U.S. Government Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
+|-
+| Department of Defense ||2005-||[[Strategy_for_Homeland_Defense_and_Civil_Support|Strategy for Homeland Defense and Civil Support ]]||Yes||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
+|-
+| Department of Defense ||2007||[[Mission_Impact_of_Foreign_Influence_on_DoD_Software|Mission Impact of Foreign Influence on DoD Software ]]||Yes||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Camp, L. Jean ||2004||[[Economics_of_Information_Security|Economics of Information Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Defense ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||No||U.S. Government Report ||
 |-
-| Camp, L. Jean ||2004||[[Pricing_Security|Pricing Security ]]||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]||Yes
+| Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| Varian, Hal ||2004||[[System_Reliability_and_Free_Riding|System Reliability and Free Riding ]]||Book ||4.2 [[Economics of Cybersecurity]]||Yes
+| Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.3 [[Government Organizations]]
 |-
-| Grady, Mark F. ||2006||[[The_Law_and_Economics_of_Cybersecurity|The Law and Economics of Cybersecurity ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||No||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]]
 |-
-| Gandal, Neil ||2008||[[An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security|An Introduction to Key Themes in the Economics of Cyber Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]]||Yes
+| Department of Energy, Office of Electricity Delivery & Energy Reliability ||Undated||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]
 |-
-| Johnson, Eric M. ||2008||[[Managing_Information_Risk_and_the_Economics_of_Security|Managing Information Risk and the Economics of Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Homeland Security||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]]
 |-
-| Schneier, Bruce ||2008||[[Schneier_on_Security|Schneier on Security ]]||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Homeland Security||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||No||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Anderson, Ross J. ||2008||[[Security_Engineering|Security Engineering ]]||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Homeland Security||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||No||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| Zittrain, Jonathan L. ||2008||[[The_Future_of_the_Internet_and_How_To_Stop_It|The Future of the Internet and How To Stop It ]]||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes
+| Department of Homeland Security||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]
 |-
-| Kramer, Franklin D., et. al ||2009||[[Cyberpower_and_National_Security|Cyberpower and National Security ]]||Book ||1. [[Overview]]||Yes
+| Department of Homeland Security||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||No||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]]
 |-
-| Moore, Tyler ||2009||[[The_Impact_of_Incentives_on_Notice_and_Take-down|The Impact of Incentives on Notice and Take-down ]]||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]]||Yes
+| Department of Homeland Security||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]
 |-
-| Nye, Joseph ||2010||[[Cyber_Power|Cyber Power ]]||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Department of Homeland Security ||2003||[[The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets|The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Clarke, Richard A. ||2010||[[Cyber_War|Cyber War ]]||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
+| Department of Homeland Security ||2009||[[A_Roadmap_for_Cybersecurity_Research|A Roadmap for Cybersecurity Research ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]
 |-
-| Rotenberg et. al. ||2010||[[The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated|The Cyber War Threat Has Been Grossly Exaggerated ]]||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes
+| Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||No||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]]
 |-
-| Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||Independent Report||||No
+| Deputy Chief of Staff for Intelligence ||2006||[[Critical_Infrastructure_Threats_and_Terrorism|Critical Infrastructure Threats and Terrorism ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]]
 |-
-| IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]]||No
+| Dörmann, Knut ||2004||[[Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks|Applicability of the Additional Protocols to Computer Network Attacks ]]||Yes||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||Independent Report||3.3.3.3 [[Cloud Computing]]||No
+| Douglas Maughan||2010||[[The_Need_for_a_National_Cybersecurity_Research_and_Development_Agenda|The Need for a National Cybersecurity Research and Development Agenda]]||Yes||Article||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]]||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]]||No
+| Dunlap Charles J, Jr   ||2011||[[Perspectives_for_Cyber_Strategists_on_Law_for_Cyberwar|Perspectives for Cyber Strategists on Law for Cyberwar]]||Yes||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]]||No
+| Dunlap, Charles J. Jr. ||2009||[[Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century|Towards a Cyberspace Legal Regime in the Twenty-First Century ]]||Yes||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||No||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||Independent Report||||No
+| Energetics Inc. ||2006||[[Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector|Roadmap to Secure Control Systems in the Energy Sector ]]||Yes||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+| Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]]||No
+| ENISA||2010||[[Introduction_to_Country_Reports|Introduction to Country Reports]]||Yes||Non-U.S. Government Report||3.2.1 [[States]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]
 |-
-| Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+| Epstein, Richard A. ||2008||[[Cybersecurity_in_the_Payment_Card_Industry|Cybersecurity in the Payment Card Industry ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]
 |-
-| University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]
 |-
-| EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]||No
+| European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]
 |-
-| Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||Independent Report||3.3.2.1 [[Electricity]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]]||No
+| Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||No||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| Federal Communications Commission (FCC) ||2011-06-03||[ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/db0610/DOC-307454A1.txt FCC's Plan for Ensuring the Security of Telecommunications Networks ]||No||U.S. Government Report||
 |-
-| International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||Independent Report||||No
+| Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008||[[Research_Agenda_for_the_Banking_and_Finance_Sector|Research Agenda for the Banking and Finance Sector ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]
 |-
-| National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||Independent Report||||No
+| Franklin, Jason, et. al ||2007||[[An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants|An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]]||Yes||Independent Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]
 |-
-| Centre for Secure Information Technologies||2012-09-11||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||Independent Report||||No
+| Gandal, Neil ||2008||[[An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security|An Introduction to Key Themes in the Economics of Cyber Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]]
 |-
-| Business Roundtable||2012-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||Independent Report||||No
+| GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| Mitre Corp (JASON Program Office) ||2012-11-10||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||Independent Report||1. [[Overview]],<br>4. [[Issues]]||No
+| GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]]
 |-
-| Cloud Security Alliance ||2012-12-09||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]]||No
+| GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||No||U.S. Government Report||5.3 [[Government Organizations]]
 |-
-| CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]]||No
+| GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||Independent Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+| GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||Independent Report ||||No
+| GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| National Research Council ||1999||[[Trust_in_Cyberspace|Trust in Cyberspace ]]||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]||Yes
+| GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Anderson, Ross ||2001||[[Why_Information_Security_is_Hard|Why Information Security is Hard ]]||Independent Report ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]]||Yes
+| GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Computing Research Association ||2003-||[[Four_Grand_Challenges_in_Trustworthy_Computing|Four Grand Challenges in Trustworthy Computing ]]||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]]||Yes
+| GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Institute for Information Infrastructure Protection ||2003||[[Cyber_Security_Research_and_Development_Agenda|Cyber Security Research and Development Agenda ]]||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes
+| GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||No||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Dörmann, Knut ||2004||[[Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks|Applicability of the Additional Protocols to Computer Network Attacks ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Schmitt, Michael N., et. al ||2004||[[Computers_and_War|Computers and War ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| Lernard, Thomas M. ||2005||[[An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches|An Economic Analysis of Notification Requirements for Data Security Breaches ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Bohme, Rainer ||2005||[[Cyber-Insurance_Revisited|Cyber-Insurance Revisited ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]]||Yes
+| GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]
 |-
-| Bohme, Rainer ||2006||[[Models_and_Measures_for_Correlation_in_Cyber-Insurance|Models and Measures for Correlation in Cyber-Insurance ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+| GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Energetics Inc. ||2006||[[Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector|Roadmap to Secure Control Systems in the Energy Sector ]]||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+| GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]
 |-
-| Franklin, Jason, et. al ||2007||[[An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants|An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]]||Independent Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
+| GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||No||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Moore, Tyler ||2007||[[Examining_the_Impact_of_Website_Take-down_on_Phishing|Examining the Impact of Website Take-down on Phishing ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
+| GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||No||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| National Research Council ||2007||[[Toward_a_Safer_and_More_Secure_Cyberspace|Toward a Safer and More Secure Cyberspace ]]||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]]||Yes
+| GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Romanosky et al. ||2008||[[Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft|Do Data Breach Disclosure Laws Reduce Identity Theft ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008||[[Research_Agenda_for_the_Banking_and_Finance_Sector|Research Agenda for the Banking and Finance Sector ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]||Yes
+| GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||No||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Center for Strategic and International Studies ||2008||[[Securing_Cyberspace_for_the_44th_Presidency|Securing Cyberspace for the 44th Presidency ]]||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]]||Yes
+| GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]
 |-
-| Moore, Tyler ||2008||[[The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing|The Consequence of Non-Cooperation in the Fight Against Phishing ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+| GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| National Cyber Defense Initiative ||2009||[[National_Cyber_Defense_Financial_Services_Workshop_Report|National Cyber Defense Financial Services Workshop Report ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||Yes
+| GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]
 |-
-| Bohme, Rainer ||2010||[[Modeling_Cyber-Insurance|Modeling Cyber-Insurance ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]]||Yes
+| GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]
 |-
-| Clinton, Larry ||Undated ||[[Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security|Cyber-Insurance Metrics and Impact on Cyber-Security ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+| GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]]||No
+| GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||No||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]]||No
+| GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]
 |-
-| McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> [[4.7 Public-Private Cooperation]]||No
+| GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||No||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||Industry Report||4.4 [[Usability/Human Factors]]||No
+| GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||No||Non-U.S. Government Report ||
 |-
-| McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]]||No
+| GAO||2009||[[Critical_Infrastructure_Protection|Critical Infrastructure Protection - Current Cyber Sector-Specific Planning Approach Needs Reassessment]]||Yes||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+| GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]
 |-
-| Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]]||No
+| GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| GAO||2010||[[Information_Security|Information Security - Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies]]||Yes||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| Business Software Alliance ||2012-02-02||[ Global Cloud Computing Scorecard a Blueprint for Economic Opportunity ]||Industry Report||3.3.3.3 [[Cloud Computing]]||No
+| GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| Geer, Daniel E. and Conway, Daniel G.||2010||[[Nothing_Ventured,_Nothing_Gained|Nothing Ventured, Nothing Gained]]||Yes||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]
 |-
-| Microsoft||2012-11-10||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]]||No
+| Gellman, Robert||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059444.pdf Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks ]||No||Journal Article||4.8 [[Attribution]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| Computer Economics, Inc. ||2007||[[2007_Malware_Report|2007 Malware Report ]]||Industry Report ||4.2 [[Economics of Cybersecurity]]||Yes
+| General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| Verizon ||2010||[[2010_Data_Breach_Investigations_Report|2010 Data Breach Investigations Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+| General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| HP TippingPoint DVLabs ||2010||[[2010_Top_Cyber_Security_Risks_Report|2010 Top Cyber Security Risks Report ]]||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes
+| General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||No||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| McAfee, Inc. ||2010||[[McAfee_Threats_Report|McAfee Threats Report ]]||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]]||Yes
+| General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]
 |-
-| Symantec Corporation ||2010||[[Symantec_Global_Internet_Security_Threat_Report|Symantec Global Internet Security Threat Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes
+| General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]
 |-
-| Trend Micro Incorporated ||2010||[[Trend_Micro_Annual_Report|Trend Micro Annual Report ]]||Industry Report ||4.11 [[Cybercrime]]||Yes
+| General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||No||U.S. Government Report ||
 |-
-| Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||Journal Article||||No
+| General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| Schmitt Michael N   ||2002||[[Wired_Warfare| Wired warfare: Computer network attack and jus in bello]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Grady, Mark F. ||2006||[[The_Law_and_Economics_of_Cybersecurity|The Law and Economics of Cybersecurity ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]
 |-
-| Schmitt Michael N   ||2004||[[Direct_Participation_in_Hostilities|Direct Participation in Hostilities and 21st Century Armed Conflict]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Graham David E   ||2010||[[Cyber_Threats_and_the_Law_of_War| Cyber Threats and the Law of War]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Thom, Maxie    ||2006||[[Information_Warfare_Arms_Control| Information Warfare Arms Control: Risks and Costs]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]]||Yes
+| Granick, Jennifer Stisa ||2005||[[The_Price_of_Restricting_Vulnerability_Publications|The Price of Restricting Vulnerability Publications ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| Graham David E   ||2010||[[Cyber_Threats_and_the_Law_of_War| Cyber Threats and the Law of War]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Hollis, Duncan B. ||2007||[[Why_States_Need_an_International_Law_for_Information_Operations|Why States Need an International Law for Information Operations ]]||Yes||Journal Article ||4.12 [[Cyberwar]],<br>4.13.1 [[Government to Government|Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Dunlap Charles J, Jr   ||2011||[[Perspectives_for_Cyber_Strategists_on_Law_for_Cyberwar|Perspectives for Cyber Strategists on Law for Cyberwar]]||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| HP TippingPoint DVLabs ||2010||[[2010_Top_Cyber_Security_Risks_Report|2010 Top Cyber Security Risks Report ]]||Yes||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]]
 |-
-| Schmitt, Michael N. ||1999||[[Computer_Network_Attack_and_the_Use_of_Force_in_International_Law|Computer Network Attack and the Use of Force in International Law ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||No||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]]
 |-
-| Barkham, Jason ||2001||[[Information_Warfare_and_International_Law_on_the_Use_of_Force|Information Warfare and International Law on the Use of Force ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Institute for Information Infrastructure Protection ||2003||[[Cyber_Security_Research_and_Development_Agenda|Cyber Security Research and Development Agenda ]]||Yes||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]
 |-
-| Swire, Peter P. ||2004||[[A_Model_for_When_Disclosure_Helps_Security|A Model for When Disclosure Helps Security ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||No||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]]
 |-
-| Aviram, Amitai ||2004||[[Overcoming_Impediments_to_Information_Sharing|Overcoming Impediments to Information Sharing ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+| International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||No||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]]
 |-
-| Johnson, Vincent R. ||2005||[[Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability|Cybersecurity, Identity Theft, and the Limits of Tort Liability ]]||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||Yes
+| International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||No||Independent Report||
 |-
-| Powell, Benjamin ||2005||[[Is_Cybersecurity_a_Public_Good|Is Cybersecurity a Public Good ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]]||Yes
+| James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||No||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]
 |-
-| Granick, Jennifer Stisa ||2005||[[The_Price_of_Restricting_Vulnerability_Publications|The Price of Restricting Vulnerability Publications ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| Johnson, Eric M. ||2008||[[Managing_Information_Risk_and_the_Economics_of_Security|Managing Information Risk and the Economics of Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]
 |-
-| Brown, Davis ||2006||[[A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict|A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]]||Journal Article ||3.3.2.1 [[Military networks (.gov)]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Johnson, Vincent R. ||2005||[[Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability|Cybersecurity, Identity Theft, and the Limits of Tort Liability ]]||Yes||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| Swire, Peter P. ||2006||[[A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons|A Theory of Disclosure for Security and Competitive Reasons ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||No||Independent Report||
 |-
-| Kobayashi, Bruce H. ||2006||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]]||Yes
+| Joseph S. Nye||2010||[[Cyber_Power|Cyber Power]]||Yes||Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Stohl, Michael ||2006||[[Cyber_Terrorism|Cyber Terrorism ]]||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]]||Yes
+| Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||No||Journal Article||
 |-
-| Arora et al. ||2006||[[Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure|Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+| Kelly A. Gable||2010||[[Cyber-Apocalypse_Now|Cyber-Apocalypse Now - Securing the Internet Against Cyberterrorism and Using Universal Jurisdiction as a Deterrent]]||Yes||Journal Article||3.2.4 [[Terrorists]],<br>3.3 [[Security Targets]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Lernard, Thomas M. ||2006||[[Much_Ado_About_Notification|Much Ado About Notification ]]||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulaiton/Liability]]||Yes
+| Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 [[International Law (including Laws of War)]]
 |-
-| Anderson, Ross ||2006||[[The_Economics_of_Information_Security|The Economics of Information Security ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||Yes
+| Kesan, Jay P. and Hayes, Carol M.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059446.pdf Thinking Through Active Defense in Cyberspace ]||No||Journal Article||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Thomas, Rob ||2006||[[The_Underground_Economy|The Underground Economy ]]||Journal Article ||3.2.5 [[Criminals and Criminl Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]]||Yes
+| Kobayashi, Bruce H.||2005||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and other Public Security Goods]]||Yes||Journal Article||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| Telang, Rahul ||2007||[[Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors|Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]]||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes
+| Kobayashi, Bruce H. ||2006||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]]
 |-
-| Schwartz, Paul ||2007||[[Notification_of_Data_Security_Breaches|Notification of Data Security Breaches ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes
+| Korns, Stephen W. ||2009||[[Cyber_Operations|Cyber Operations ]]||Yes||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]
 |-
-| Hollis, Duncan B. ||2007||[[Why_States_Need_an_International_Law_for_Information_Operations|Why States Need an International Law for Information Operations ]]||Journal Article ||4.12 [[Cyberwar]],<br>4.13.1 [[Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Kramer, Franklin D., et. al ||2009||[[Cyberpower_and_National_Security|Cyberpower and National Security ]]||Yes||Book ||1. [[Overview]]
 |-
-| Epstein, Richard A. ||2008||[[Cybersecurity_in_the_Payment_Card_Industry|Cybersecurity in the Payment Card Industry ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||Yes
+| Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| Todd, Graham H. ||2009||[[Armed_Attack_in_Cyberspace|Armed Attack in Cyberspace ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes
+| Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| Korns, Stephen W. ||2009||[[Cyber_Operations|Cyber Operations ]]||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]||Yes
+| Lan, Tang et al.||2010||[[Global_Cyber_Deterrence|Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway]]||Yes||Independent Report||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]
 |-
-| Beard, Jack M. ||2009||[[Law_and_War_in_the_Virtual_Era|Law and War in the Virtual Era ]]||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Lernard, Thomas M. ||2005||[[An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches|An Economic Analysis of Notification Requirements for Data Security Breaches ]]||Yes||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| Sklerov, Matthew J. ||2009||[[Solving_the_Dilemma_of_State_Responses_to_Cyberattacks|Solving the Dilemma of State Responses to Cyberattacks ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes
+| Lernard, Thomas M. ||2006||[[Much_Ado_About_Notification|Much Ado About Notification ]]||Yes||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| Moore, Tyler, et. al ||2009||[[The_Economics_of_Online_Crime|The Economics of Online Crime ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]]||Yes
+| Lewis, James Andrews||2005||[[Cyber_Security_and_Regulation_in_the_United_States|Aux armes, citoyens: Cyber Security and Regulation in the United States]]||Yes||Journal Article||3.3.1 [[Public Critical Infrastructure,<br>3.3.2.2 [[Financial Institutions and Networks]],<br>3.3.2.3 [[Transportation]]
 |-
-| Watts, Sean ||2010||[[Combatant_Status_and_Computer_Network_Attack|Combatant Status and Computer Network Attack ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| Libicki, Martin||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059490.pdf Pulling Punches in Cyberspace]||No||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Varian, Hal ||2000||[[Managing_Online_Security_Risks|Managing Online Security Risks ]]||Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]]||Yes
+|Lin, Herbert||2012||[[Media:Lin-Cyber_Conflict_and_National_Security_2012.pdf|Cyber Conflict and National Security]]||No||Article||
 |-
-| European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No
+| Lukasik, Stephen J.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059438.pdf A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declatory Policies for these Domain]||No||Journal Article||3.2 [[Actors and Incentives]],<br>5.4 [[International Cooperation]],<br>5.6 [[Deterrence]]
 |-
-| European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||No||Independent Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]]
 |-
-| Cabinet Office (United Kingdom) ||2012-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||No||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]]
 |-
-| GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||Non-U.S. Government Report ||||No
+| McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||No||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]
 |-
-| van Eeten, Michel J. G. ||2008||[[Economics_of_Malware|Economics of Malware ]]||Non-U.S. Government Report ||4.2 [[Economics of Cybersecurity]]||Yes
+| McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||No||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> 4.7 [[Public-Private Cooperation]]
 |-
-| Dunlap, Charles J. Jr. ||2009||[[Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century|Towards a Cyberspace Legal Regime in the Twenty-First Century ]]||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||No||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]
 |-
-| Anderson, Ross, et. al ||2008||[[Security_Economics_and_the_Internal_Market|Security Economics and the Internal Market ]]||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]]||Yes
+| McAfee, Inc. ||2010||[[McAfee_Threats_Report|McAfee Threats Report ]]||Yes||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]]
 |-
-| U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| McDermott, Rose||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059442.pdf Decision Making Under Uncertainty]||No||Journal Article||4.4 [[Usability/Human Factors]],<br>4.5 [[Psychology and Politics]],<br>4.8 [[Attribution]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+| Microsoft||2010-11||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||No||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]]
 |-
-| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+| Mitre Corp (JASON Program Office) ||2010-11||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||No||Independent Report||1. [[Overview]],<br>4. [[Issues]]
 |-
-| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||U.S. Government Hearing||||No
+| Moore, Tyler||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059364.pdf Introducing the Economics of Cybersecurity: Principles and Policy Options]||No||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| Moore, Tyler ||2007||[[Examining_the_Impact_of_Website_Take-down_on_Phishing|Examining the Impact of Website Take-down on Phishing ]]||Yes||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]]
 |-
-| U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||U.S. Government Hearing||3.3.2.1 [[Electricity]]||No
+| Moore, Tyler ||2008||[[The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing|The Consequence of Non-Cooperation in the Fight Against Phishing ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]
 |-
-| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]]||No
+| Moore, Tyler ||2009||[[The_Impact_of_Incentives_on_Notice_and_Take-down|The Impact of Incentives on Notice and Take-down ]]||Yes||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]]||No
+| Moore, Tyler, et. al ||2009||[[The_Economics_of_Online_Crime|The Economics of Online Crime ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]]
 |-
-| U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| Morgan, Patrick M. ||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059436.pdf Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm ]||No||Journal Article||4.12 [[Cyberwar]],<br>5.4 [[International Cooperation]],<br>5.6 [[Deterrence ]]
 |-
-| U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs  ]||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+| National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||No||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
+| National Cyber Defense Initiative ||2009||[[National_Cyber_Defense_Financial_Services_Workshop_Report|National Cyber Defense Financial Services Workshop Report ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||U.S. Government Hearing||3.2.1 [[Governments]],<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]]||No
+| National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||No||Industry Report||4.4 [[Usability/Human Factors]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| National Cyber Security Summit Task Force ||2004||[[Information_Security_Governance|Information Security Governance ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[government Organizations]]
 |-
-| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]]||No
+| National Infrastructure Advisory Council ||2004||[[Hardening_The_Internet|Hardening The Internet ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No
+| National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||No||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
+| National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||No||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||No
+| National Institute of Standards and Technology ||2006||[[SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security|SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 [[Risk Management and Investment]],<br>5.2 [[Private Efforts/Organizations]]
 |-
-| U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||No
+| National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| National Research Council ||2009||[[Media:NRC-Cyberattack_Capabilities-2009.pdf|Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities]]||No||Independent Report||
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296] Potential to Promote Technology and Combat Terrorism ]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+| National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||No||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]]
 |-
-| U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||No||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]]||No
+| National Research Council ||1999||[[Trust_in_Cyberspace|Trust in Cyberspace ]]||Yes||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+| National Research Council ||2007||[[Toward_a_Safer_and_More_Secure_Cyberspace|Toward a Safer and More Secure Cyberspace ]]||Yes||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]]
 |-
-| U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+| National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||No||Independent Reprot ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| National Science and Technology Council ||2006||[[Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development|Federal Plan for Cyber Security and Information Assurance Research and Development ]]||Yes||U.S. Government Report ||4.1 [[Metrics]],<br>4.7 [[Attribution]],<br>4.8 [[Public-Private Cooperation]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||No||U.S. Government Report||5.7 [[Technology]]
 |-
-| U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]]||No
+| National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||No||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+| National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||No||Independent Report||
 |-
-| U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||No||Independent Report||
 |-
-| U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No
+| Networking and Information Technology Research and Development ||2009||[[National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report|National Cyber Leap Year Summit 2009, Co-Chairs' Report ]]||Yes||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]]
 |-
-| U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[public-Private Cooperation]]||No
+| NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||U.S. Government Hearing||3.11 [[Cybercrime]],<br>4.13.2 [[Industrial Espionage]],<br>5.1 [[Regulation/Liability]]||No
+| NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 [[Government Organizations]]||No
+| Nojeim, Gregory T.||2009||[[Cybersecurity:_Preventing_Terrorist_Attacks_and_Protecting_Privacy_in_Cyberspace|Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace]]||Yes||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13.2 [[Industrial Espionage]],<br>5.4 [[International Cooperation]]||No
+| NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||No||U.S. Government Report||5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
+| Nye, Joseph ||2010||[[Cyber_Power|Cyber Power ]]||Yes||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||U.S. Government Hearing||4.12 [[Cyberwar]]||No
+| OECD||2009||[[Cybersecurity_and_Economic_Incentives|Cybersecurity and Economic Incentives]]||Yes||Non-U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]]
 |-
-| U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]]||No
+| OECD||2009||[[The_Market_Consequences_of_Cybersecurity|The Market Consequences of Cybersecurity]]||Yes||Non-U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]]
 |-
-| U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No
+| Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||No||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]]
 |-
-| U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||No
+| Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||No||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]
 |-
-| U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>5.1 [[Regulation/Liability]]||No
+| Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||No||Independent Report ||
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||No||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||No||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
+| Perkins, Earl||2009||[[Evolving_Cybersecurity_Issues_in_the_Utility_Industry|Evolving Cybersecurity Issues in the Utility Industry]]||Yes||Independent Report||3.3.2 [[Private Critical Infrastructure]],<br>3.3.2.4 [[Water, Sewer, etc.]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No
+| Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||No||Independent Report||3.3.3.3 [[Cloud Computing]]
 |-
-| U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Powell, Benjamin ||2005||[[Is_Cybersecurity_a_Public_Good|Is Cybersecurity a Public Good ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks     The Pivotal Role of Communications]||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| President's Commission on Critical Infrastructure Protection ||1997||[[Critical_Foundations|Critical Foundations ]]||Yes||U.S. Government Report ||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No
+| President's Information Technology Advisory Council ||2005||[[Cyber_Security:_A_Crisis_of_Prioritization|Cyber Security: A Crisis of Prioritization ]]||Yes||U.S. Government Report ||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>Government [[Organizations]]||No
+| Project on National Security Reform (PNSR) ||2010-11||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||No||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+| Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||U.S. Government Hearing||4.3 [[Supply Chain Issues]]||No
+| RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||No||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]]||No
+| Rattray, Gregory and Healey, Jason||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059437.pdf Categorizing and Understanding Offensive Cyber Capabilities and Their Use ]||No||Journal Article||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]
 |-
-| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| Rollins, John and Wilson, Clay||2007||[[Terrorist_Capabilities_for_Cyberattack|Terrorist Capabilities for Cyberattack]]||Yes||U.S. Government Report||3.2.4 [[Terrorists]],<br>3.3 [[Security Targets]],<br>4.2.2 [[Incentives]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Romanosky et al. ||2008||[[Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft|Do Data Breach Disclosure Laws Reduce Identity Theft ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No
+| Rosenzweig, Paul||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059443.pdf The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence ]||No||Journal Article||4.3 [[Supply Chain Issues]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||U.S. Government Hearing||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No
+| Rotenberg et. al. ||2010||[[The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated|The Cyber War Threat Has Been Grossly Exaggerated ]]||Yes||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]
 |-
-| GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]]||No
+| Rue, Rachel and Pfleeger, Shari Lawrence||2009||[[Making_the_Best_Use_of_Cybersecurity_Economic_Models|Making the Best Use of Cybersecurity Economic Models]]||Yes||Journal Article||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Santos, Joost R., et. al||2007||[[A_Framework_for_Linking_Cybersecurity_Metrics_to_the_Modeling_of_Macroeconomic_Interdependencies|A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies]]||Yes||Journal Article||3.3.2 [[Private Critical Infrastructure]],<br>4.1 [[Metrics]]
 |-
-| Wilson, Clay<br />CRS||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No
+| Schmitt Michael N   ||2002||[[Wired_Warfare| Wired warfare: Computer network attack and jus in bello]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||U.S. Government Report||5.3 [[Government Organizations]]||No
+| Schmitt Michael N   ||2004||[[Direct_Participation_in_Hostilities|Direct Participation in Hostilities and 21st Century Armed Conflict]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Department of Homeland Security||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]]||No
+| Schmitt, Michael N. ||1999||[[Computer_Network_Attack_and_the_Use_of_Force_in_International_Law|Computer Network Attack and the Use of Force in International Law ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| Schmitt, Michael N. ||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059439.pdf Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts]||No||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| Schmitt, Michael N., et. al ||2004||[[Computers_and_War|Computers and War ]]||Yes||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]]||No
+| Schneidewind, Norman||2010||[[Metrics_for_Mitigating_Cybersecurity_Threats_to_Networks|Metrics for Mitigating Cybersecurity Threats to Networks]]||Yes||Journal Article||4.1 [[Metrics]]
 |-
-| GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| Schneier, Bruce ||2003||[[Beyond_Fear|Beyond Fear ]]||Yes||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]]
 |-
-| General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||No
+| Schneier, Bruce ||2008||[[Schneier_on_Security|Schneier on Security ]]||Yes||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]
 |-
-| National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| Schwartz, Paul ||2007||[[Notification_of_Data_Security_Breaches|Notification of Data Security Breaches ]]||Yes||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||No||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| Shackelford, Scott J.||2010||[[Estonia_Three_Years_Later|Estonia Three Years Later]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]]
 |-
-| Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 [[International Law (including Laws of War)]]||No
+| Shah, Shashi K.||2004||[[The_Evolving_Landscape_of_Maritime_Cybersecurity|The Evolving Landscape of Maritime Cybersecurity]]||Yes||Journal Article||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2.3 [[Transportation]]
 |-
-| White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]]||No
+| Sklerov, Matthew J. ||2009||[[Solving_the_Dilemma_of_State_Responses_to_Cyberattacks|Solving the Dilemma of State Responses to Cyberattacks ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| Sofaer, Abraham; Clark, David; and Diffie, Whitfield||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059440.pdf Cyber Security and International Cooperation ]||No||Journal Article||5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No
+| Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||No||Independent Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]
 |-
-| Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| Stohl, Michael ||2006||[[Cyber_Terrorism|Cyber Terrorism ]]||Yes||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]]
 |-
-| James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No
+| Stuart Madnick et al.||2009||[[Experiences_and_Challenges_with_Using_CERT_Data_to_Analyze_International_Cyber_Security|Experiences and Challenges with Using CERT Data to Analyze International Cyber Security]]||Yes||Journal Article||4.6 [[Information Sharing/Disclosure]],<br>5.4 [[International Cooperation]]
 |-
-| General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| Swire, Peter P. ||2004||[[A_Model_for_When_Disclosure_Helps_Security|A Model for When Disclosure Helps Security ]]||Yes||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No
+| Swire, Peter P. ||2006||[[A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons|A Theory of Disclosure for Security and Competitive Reasons ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||U.S. Government Report||||No
+| Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||No||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]
 |-
-| Federal Communications Commission (FCC) ||2011-06-03||[ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt FCC's Plan for Ensuring the Security of Telecommunications Networks ]||U.S. Government Report||||No
+| Symantec Corporation ||2010||[[Symantec_Global_Internet_Security_Threat_Report|Symantec Global Internet Security Threat Report ]]||Yes||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]
 |-
-| National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||U.S. Government Report||5.7 [[Technology]]||No
+| Telang, Rahul ||2007||[[Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors|Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]]||Yes||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]
 |-
-| National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]]||No
+| Theohary, Catherine A. and Rollins, John||2010||[[Cybersecurity:_Current_Legislation,_Executive_Branch_Initiatives,_and_Options_for_Congress|Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress]]||Yes||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]]||No
+| Thom, Maxie    ||2006||[[Information_Warfare_Arms_Control| Information Warfare Arms Control: Risks and Costs]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]]
 |-
-| Department of Defense ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Thomas, Rob ||2006||[[The_Underground_Economy|The Underground Economy ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]]
 |-
-| National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+| Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||No||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]
 |-
-| General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+| Todd, Graham H. ||2009||[[Armed_Attack_in_Cyberspace|Armed Attack in Cyberspace ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]]||No
+| Trend Micro Incorporated ||2010||[[Trend_Micro_Annual_Report|Trend Micro Annual Report ]]||Yes||Industry Report ||4.11 [[Cybercrime]]
 |-
-| National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||U.S. Government Report||||No
+| U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||No||U.S. Government Report||
 |-
-| Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No
+| U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||No||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]
 |-
-| Project on National Security Reform (PNSR) ||2012-11-10||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+| U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Department of Homeland Security||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||U.S. Government Report||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||No||U.S. Government Report ||
 |-
-| White House||2009||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]]||No
+| U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs  ]||No||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Homeland Security||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk management and Investment]]||No
+| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Homeland Security||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||No||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]]
 |-
-| Department of Homeland Security||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||No||U.S. Government Hearing||4.12 [[Cyberwar]]
 |-
-| PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]
 |-
-| White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]]||No
+| U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||No||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]]
 |-
-| White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||U.S. Government Report||1. [[Overview]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks     The Pivotal Role of Communications]||No||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||No||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Homeland Security||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||U.S. Government Report||5.3 [[Government Organizations]]||No
+| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||No||U.S. Government Hearing||4.3 [[Supply Chain Issues]]
 |-
-| White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||U.S. Government Report||4.3 [[Supply Chain Issues]]||No
+| U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||No||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No
+| U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 [[Government Organizations]]
 |-
-| Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No
+| U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||No||U.S. Government Hearing||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]]
 |-
-| GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||No||U.S. Government Hearing||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]
 |-
-| GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]
 |-
-| White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]]
 |-
-| GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||No||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism ]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]
 |-
-| White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]
 |-
-| GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||No||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||U.S. Government Report ||5.3 [[Government Organizations]]||No
+| U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]
 |-
-| U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
+| U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||No||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||No||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]]
 |-
-| National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||No||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]
 |-
-| GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||No||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13.2 [[Industrial|Industrial Espionage]],<br>5.4 [[International Cooperation]]
 |-
-| GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]
 |-
-| White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||No||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]]
 |-
-| GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||No||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]]
 |-
-| White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]
 |-
-| White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||No||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||No||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No
+| U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]]
 |-
-| Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||No||U.S. Government Hearing||
 |-
-| Department of Defense ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||No||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]
 |-
-| GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||No
+| U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||No||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||No||U.S. Government Hearing||3.11 [[Cybercrime]],<br>4.13.2 [[Industrial|Industrial Espionage]],<br>5.1 [[Regulation/Liability]]
 |-
-| General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]
 |-
-| NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]]||No
+| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]
 |-
-| White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||No||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+| U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||No||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[public-Private Cooperation]]
 |-
-| GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| United States Secret Service ||2004||[[Insider_Threat_Study|Insider Threat Study ]]||Yes||U.S. Government Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 [[Usability/Human Factors]]
 |-
-| GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||No||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| van Eeten, Michael and Bauer, Johannes M.||2009||[[Emerging_Threats_to_Internet_Security|Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications]]||Yes||Journal Article||3.3.1.1 [[Government Networks (.gov)]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]
 |-
-| GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| van Eeten, Michel J. G. ||2008||[[Economics_of_Malware|Economics of Malware ]]||Yes||Non-U.S. Government Report ||4.2 [[Economics of Cybersecurity]]
 |-
-| GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No
+| Varian, Hal ||2000||[[Managing_Online_Security_Risks|Managing Online Security Risks ]]||Yes||Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]]
 |-
-| NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| Varian, Hal ||2004||[[System_Reliability_and_Free_Riding|System Reliability and Free Riding ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]]
 |-
-| White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No
+| Vatis, Michael A.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059441.pdf The Council of Europe Convention on Cybercrime]||No||Journal Article||4.11 [[Cybercrime]],<br>5.5 [[International Law (including Laws of War)]],<br>5.6 [[Deterrence]]
 |-
-| White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| Verizon ||2010||[[2010_Data_Breach_Investigations_Report|2010 Data Breach Investigations Report ]]||Yes||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]
 |-
-| GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No
+| Watts, Sean ||2010||[[Combatant_Status_and_Computer_Network_Attack|Combatant Status and Computer Network Attack ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]
 |-
-| General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||||No
+| White House||2009||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||No||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]]
 |-
-| Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.3 [[Government Organizations]]||No
+| White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||No||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]]
 |-
-| Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||No||U.S. Government Report||1. [[Overview]]
 |-
-| Department of Defense ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No
+| White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||No||U.S. Government Report||4.3 [[Supply Chain Issues]]
 |-
-| NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No
+| White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||No||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]
 |-
-| President's Commission on Critical Infrastructure Protection ||1997||[[Critical_Foundations|Critical Foundations ]]||U.S. Government Report ||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]]||Yes
+| White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]]
 |-
-| Department of Defense ||1999||[[An_Assessment_of_International_Legal_Issues_in_Information_Operations|An Assessment of International Legal Issues in Information Operations ]]||U.S. Government Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes
+| White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Department of Homeland Security ||2003||[[The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets|The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+| White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| White House ||2003||[[The_National_Strategy_to_Secure_Cyberspace|The National Strategy to Secure Cyberspace ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperations]]||Yes
+| White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| National Infrastructure Advisory Council ||2004||[[Hardening_The_Internet|Hardening The Internet ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
+| White House ||2003||[[The_National_Strategy_to_Secure_Cyberspace|The National Strategy to Secure Cyberspace ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]
 |-
-| National Cyber Security Summit Task Force ||2004||[[Information_Security_Governance|Information Security Governance ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[government Organizations]]||Yes
+| White House ||2009||[[Cyberspace_Policy_Review|Cyberspace Policy Review ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]
 |-
-| United States Secret Service ||2004||[[Insider_Threat_Study|Insider Threat Study ]]||U.S. Government Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 [[Usability/Human Factor]]||Yes
+| White House ||2010||[[The_Comprehensive_National_Cybersecurity_Initiative|The Comprehensive National Cybersecurity Initiative ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Defense ||2005-||[[Strategy_for_Homeland_Defense_and_Civil_Support|Strategy for Homeland Defense and Civil Support ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+| White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||No||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]
 |-
-| President's Information Technology Advisory Council ||2005||[[Cyber_Security:_A_Crisis_of_Prioritization|Cyber Security: A Crisis of Prioritization ]]||U.S. Government Report ||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes
+| White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]
 |-
-| Deputy Chief of Staff for Intelligence ||2006||[[Critical_Infrastructure_Threats_and_Terrorism|Critical Infrastructure Threats and Terrorism ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]]||Yes
+| White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||No||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]]
 |-
-| National Science and Technology Council ||2006||[[Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development|Federal Plan for Cyber Security and Information Assurance Research and Development ]]||U.S. Government Report ||4.1 [[Metrics]],<br>4.7 [[Attribution]],<br>4.8 [[Public-Private Cooperation]]||Yes
+| White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| National Institute of Standards and Technology ||2006||[[SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security|SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 [[Risk Management and Investment]],<br>5.2 [[Private Efforts/Organizations]]||Yes
+| White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Defense ||2007||[[Mission_Impact_of_Foreign_Influence_on_DoD_Software|Mission Impact of Foreign Influence on DoD Software ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+| White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||No||U.S. Government Report ||5.3 [[Government Organizations]]
 |-
-| Department of Homeland Security ||2009||[[A_Roadmap_for_Cybersecurity_Research|A Roadmap for Cybersecurity Research ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||Yes
+| White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| White House ||2009||[[Cyberspace_Policy_Review|Cyberspace Policy Review ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]||Yes
+| White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Networking and Information Technology Research and Development ||2009||[[National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report|National Cyber Leap Year Summit 2009, Co-Chairs' Report ]]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]]||Yes
+| White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||No||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Commerce ||2010||[[Defense_Industrial_Base_Assessment|Defense Industrial Base Assessment ]]||U.S. Government Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes
+| White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]
 |-
-| White House ||2010||[[The_Comprehensive_National_Cybersecurity_Initiative|The Comprehensive National Cybersecurity Initiative ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes
+| White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||U.S. Government Report ||||No
+| White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]
 |-
-| Department of Defense ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||U.S. Government Report ||||No
+| White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||No||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]]
 |-
-| Department of Energy, Office of Electricity Delivery & Energy Reliability ||Undated||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No
+| Wilshusen, Gregory C. and Powner, David A.||2009||[[Continued_Efforts_are_Needed_to_Protect_Information_Systems_from_Evolving_Threats|Continued Efforts Are Needed to Protect Information Systems from Evolving Threats]]||Yes||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]
 |-
-| GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No
+| Wilson, Clay||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]
 |-
-| GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No
+| Zittrain, Jonathan L. ||2008||[[The_Future_of_the_Internet_and_How_To_Stop_It|The Future of the Internet and How To Stop It ]]||Yes||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]
 |-
-| General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No
+| Centre for Secure Information Technologies||2012||[http://www.csit.qub.ac.uk/sites/CSIT/InnovationatCSIT/Reports/Filetoupload,295595,en.pdf 2nd World Cyber security Technology Research Summit (Belfast 2012)]||No||Independent Report||
 |}