|
|
(20 intermediate revisions by 3 users not shown) |
Line 130: |
Line 130: |
| ! align="center" style="background-color:#f0f0f0;"|'''Date''' | | ! align="center" style="background-color:#f0f0f0;"|'''Date''' |
| ! align="center" style="background-color:#f0f0f0;"|'''Title''' | | ! align="center" style="background-color:#f0f0f0;"|'''Title''' |
| + | ! align="center" style="background:#f0f0f0;"|'''Wiki Entry''' |
| ! align="center" style="background:#f0f0f0;"|'''Type''' | | ! align="center" style="background:#f0f0f0;"|'''Type''' |
| ! align="center" style="background:#f0f0f0;"|'''Category''' | | ! align="center" style="background:#f0f0f0;"|'''Category''' |
− | ! align="center" style="background:#f0f0f0;"|'''Wiki Entry'''
| |
| |- | | |- |
| |- | | |- |
− | | Schneier, Bruce ||2003||[[Beyond_Fear|Beyond Fear ]]||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]]||Yes | + | | Aloise, Gene et al.||2008||[[Nuclear_Security|Nuclear Security]]||Yes||U.S. Government Report||3.3 [[Security Targets]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]] |
| + | |- |
| + | | Anderson, Ross ||2001||[[Why_Information_Security_is_Hard|Why Information Security is Hard ]]||Yes||Independent Report ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]] |
| + | |- |
| + | | Anderson, Ross ||2006||[[The_Economics_of_Information_Security|The Economics of Information Security ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]] |
| + | |- |
| + | | Anderson, Ross J. ||2008||[[Security_Engineering|Security Engineering ]]||Yes||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]] |
| + | |- |
| + | | Anderson, Ross, et. al ||2008||[[Security_Economics_and_the_Internal_Market|Security Economics and the Internal Market ]]||Yes||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]] |
| + | |- |
| + | | Arora et al. ||2006||[[Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure|Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]]||Yes||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]] |
| + | |- |
| + | | Aviram, Amitai ||2004||[[Overcoming_Impediments_to_Information_Sharing|Overcoming Impediments to Information Sharing ]]||Yes||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]] |
| + | |- |
| + | | Barkham, Jason ||2001||[[Information_Warfare_and_International_Law_on_the_Use_of_Force|Information Warfare and International Law on the Use of Force ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| + | |- |
| + | | Bauer, Johannes M. and van Eeten, Michel J. G.||2009||[[Cybersecurity|Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options]]||Yes||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]] |
| + | |- |
| + | | Beard, Jack M. ||2009||[[Law_and_War_in_the_Virtual_Era|Law and War in the Virtual Era ]]||Yes||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| + | |- |
| + | | Bellovin, Steven M.||2009||[[The_Government_and_Cybersecurity|The Government and Cybersecurity]]||Yes||Journal Article||3.2 [[Actors and Incentives]],<br>4.7[[Public-Private Cooperation]] |
| + | |- |
| + | | Besunder, Allison A.||2009||[[Best_Practices_for_Data_Protection_and_Privacy|Best Practices for Data Protection and Privacy]]||Yes||Book||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| + | |- |
| + | | Boebert, W. Earl||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059366.pdf A Survey of Challenges in Attribution]||No||Journal Article||4.8 [[Attribution]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| + | |- |
| + | | Bohme, Rainer ||2005||[[Cyber-Insurance_Revisited|Cyber-Insurance Revisited ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]] |
| + | |- |
| + | | Bohme, Rainer ||2006||[[Models_and_Measures_for_Correlation_in_Cyber-Insurance|Models and Measures for Correlation in Cyber-Insurance ]]||Yes||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]] |
| + | |- |
| + | | Bohme, Rainer ||2010||[[Modeling_Cyber-Insurance|Modeling Cyber-Insurance ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]] |
| + | |- |
| + | | Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||No||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]] |
| + | |- |
| + | | Bradley, Curtis A. and Goldsmith, Jack L.||2011||[[Overview_of_International_Law_and_Institutions|Overview of International Law and Institutions]]||Yes||Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| + | |- |
| + | | Brown, Davis ||2006||[[A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict|A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]]||Yes||Journal Article ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| + | |- |
| + | | Burstein, Aaron J.||2008||[[Amending_The_ECPA_To_Enable_a_Culture_of_Cybersecurity_Research|Amending the ECPA to Enable a Culture of Cybersecurity Research]]||Yes||Journal Article||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]] |
| + | |- |
| + | | Business Roundtable||2011-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||No||Independent Report|| |
| + | |- |
| + | | Business Software Alliance ||2012-02-02||Global Cloud Computing Scorecard a Blueprint for Economic Opportunity||No||Industry Report||3.3.3.3 [[Cloud Computing]] |
| + | |- |
| + | | Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||No||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]] |
| + | |- |
| + | | Cabinet Office (United Kingdom) ||2011-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Camp, L. Jean ||2004||[[Economics_of_Information_Security|Economics of Information Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]] |
| + | |- |
| + | | Camp, L. Jean ||2004||[[Pricing_Security|Pricing Security ]]||Yes||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]] |
| + | |- |
| + | | Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||No||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| + | |- |
| + | | Center for Strategic and International Studies ||2008||[[Securing_Cyberspace_for_the_44th_Presidency|Securing Cyberspace for the 44th Presidency ]]||Yes||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]] |
| + | |- |
| + | | Centre for Secure Information Technologies||2011||[http://www.csit.qub.ac.uk/sites/CSIT/InnovationatCSIT/Reports/Filetoupload,295594,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||No||Independent Report|| |
| + | |- |
| + | | Cetron, Marvin J. and Davies, Owen||2009||[[World_War_3.0:_Ten_Critical_Trends_for_Cybersecurity|World War 3.0: Ten Critical Trends for Cybersecurity]]||Yes||Journal Article||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.12 [[Cyberwar]] |
| + | |- |
| + | | Clark, David and Landau, Susan||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059365.pdf Untangling Attribution]||No||Journal Article||4.8 [[Attribution]],<br>5.6 [[Deterrence]],<br>5.7 [[Technology]] |
| + | |- |
| + | | Clarke, Richard A. ||2010||[[Cyber_War|Cyber War ]]||Yes||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]] |
| + | |- |
| + | | Clinton, Larry ||Undated ||[[Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security|Cyber-Insurance Metrics and Impact on Cyber-Security ]]||Yes||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]] |
| + | |- |
| + | | Cloud Security Alliance ||2009-12||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||No||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]] |
| + | |- |
| + | | Cohen, Geoff||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059445.pdf Targeting Third Party Collaboration]||No||Journal Article||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]] |
| + | |- |
| + | | Computer Economics, Inc. ||2007||[[2007_Malware_Report|2007 Malware Report ]]||Yes||Industry Report ||4.2 [[Economics of Cybersecurity]] |
| + | |- |
| + | | Computing Research Association ||2003-||[[Four_Grand_Challenges_in_Trustworthy_Computing|Four Grand Challenges in Trustworthy Computing ]]||Yes||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]] |
| + | |- |
| + | | Cornish, Paul||2009||[[Cyber_Security_and_Politically,_Socially_and_Religiously_Motivated_Cyber_Attacks|Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks]]||Yes||Non-U.S. Government Report||3.2 [[Actors and Incentives]],<br>5.4 [[International Cooperation]] |
| + | |- |
| + | | Cornish, Paul et al.||2009||[[Cyberspace_and_the_National_Security_of_the_United_Kingdom|Cyberspace and the National Security of the United Kingdom - Threats and Responses]]||Yes||Independent Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]]||No||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]] |
| + | |- |
| + | | CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||No||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||No||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| + | |- |
| + | | Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Department of Commerce ||2010||[[Defense_Industrial_Base_Assessment|Defense Industrial Base Assessment ]]||Yes||U.S. Government Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]] |
| + | |- |
| + | | Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||No||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]] |
| + | |- |
| + | | Department of Defense ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Department of Defense ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||No||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| + | |- |
| + | | Department of Defense ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||No||U.S. Government Report|| |
| + | |- |
| + | | Department of Defense ||1999||[[An_Assessment_of_International_Legal_Issues_in_Information_Operations|An Assessment of International Legal Issues in Information Operations ]]||Yes||U.S. Government Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| + | |- |
| + | | Department of Defense ||2005-||[[Strategy_for_Homeland_Defense_and_Civil_Support|Strategy for Homeland Defense and Civil Support ]]||Yes||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| + | |- |
| + | | Department of Defense ||2007||[[Mission_Impact_of_Foreign_Influence_on_DoD_Software|Mission Impact of Foreign Influence on DoD Software ]]||Yes||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Camp, L. Jean ||2004||[[Economics_of_Information_Security|Economics of Information Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Defense ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||No||U.S. Government Report || |
| |- | | |- |
− | | Camp, L. Jean ||2004||[[Pricing_Security|Pricing Security ]]||Book ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]]||Yes | + | | Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | Varian, Hal ||2004||[[System_Reliability_and_Free_Riding|System Reliability and Free Riding ]]||Book ||4.2 [[Economics of Cybersecurity]]||Yes | + | | Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Grady, Mark F. ||2006||[[The_Law_and_Economics_of_Cybersecurity|The Law and Economics of Cybersecurity ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||No||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Gandal, Neil ||2008||[[An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security|An Introduction to Key Themes in the Economics of Cyber Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]]||Yes | + | | Department of Energy, Office of Electricity Delivery & Energy Reliability ||Undated||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Johnson, Eric M. ||2008||[[Managing_Information_Risk_and_the_Economics_of_Security|Managing Information Risk and the Economics of Security ]]||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Homeland Security||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]] |
| |- | | |- |
− | | Schneier, Bruce ||2008||[[Schneier_on_Security|Schneier on Security ]]||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Homeland Security||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||No||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Anderson, Ross J. ||2008||[[Security_Engineering|Security Engineering ]]||Book ||3.2 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Homeland Security||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||No||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | Zittrain, Jonathan L. ||2008||[[The_Future_of_the_Internet_and_How_To_Stop_It|The Future of the Internet and How To Stop It ]]||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Department of Homeland Security||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Kramer, Franklin D., et. al ||2009||[[Cyberpower_and_National_Security|Cyberpower and National Security ]]||Book ||1. [[Overview]]||Yes | + | | Department of Homeland Security||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||No||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Moore, Tyler ||2009||[[The_Impact_of_Incentives_on_Notice_and_Take-down|The Impact of Incentives on Notice and Take-down ]]||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]]||Yes | + | | Department of Homeland Security||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Nye, Joseph ||2010||[[Cyber_Power|Cyber Power ]]||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Department of Homeland Security ||2003||[[The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets|The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Clarke, Richard A. ||2010||[[Cyber_War|Cyber War ]]||Book ||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes | + | | Department of Homeland Security ||2009||[[A_Roadmap_for_Cybersecurity_Research|A Roadmap for Cybersecurity Research ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Rotenberg et. al. ||2010||[[The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated|The Cyber War Threat Has Been Grossly Exaggerated ]]||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]]||Yes | + | | Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||No||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||Independent Report||||No | + | | Deputy Chief of Staff for Intelligence ||2006||[[Critical_Infrastructure_Threats_and_Terrorism|Critical Infrastructure Threats and Terrorism ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]]||No | + | | Dörmann, Knut ||2004||[[Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks|Applicability of the Additional Protocols to Computer Network Attacks ]]||Yes||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||Independent Report||3.3.3.3 [[Cloud Computing]]||No | + | | Douglas Maughan||2010||[[The_Need_for_a_National_Cybersecurity_Research_and_Development_Agenda|The Need for a National Cybersecurity Research and Development Agenda]]||Yes||Article||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Council on Foreign Relations ||2010-07-15||[http://i.cfr.org/content/publications/attachments/Knake%20-Testimony%20071510.pdf Untangling Attribution: Moving to Accountability in Cyberspace [Testimony]]||Independent Report||3.2 [[Actors and Incentives]],<br>4.8 [[Attribution]],<br>5. [[Approaches]]||No | + | | Dunlap Charles J, Jr ||2011||[[Perspectives_for_Cyber_Strategists_on_Law_for_Cyberwar|Perspectives for Cyber Strategists on Law for Cyberwar]]||Yes||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]]||No | + | | Dunlap, Charles J. Jr. ||2009||[[Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century|Towards a Cyberspace Legal Regime in the Twenty-First Century ]]||Yes||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||No||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||Independent Report||||No | + | | Energetics Inc. ||2006||[[Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector|Roadmap to Secure Control Systems in the Energy Sector ]]||Yes||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No | + | | Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]]||No | + | | ENISA||2010||[[Introduction_to_Country_Reports|Introduction to Country Reports]]||Yes||Non-U.S. Government Report||3.2.1 [[States]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No | + | | Epstein, Richard A. ||2008||[[Cybersecurity_in_the_Payment_Card_Industry|Cybersecurity in the Payment Card Industry ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | EastWest Institute ||2011-02-03||[http://vialardi.org/nastrazzuro/pdf/US-Russia.pdf Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace ]||Independent Report||3.2.1 [[States]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]]||No | + | | European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||No||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||Independent Report||3.3.2.1 [[Electricity]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]]||No | + | | Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||No||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | Federal Communications Commission (FCC) ||2011-06-03||[ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/db0610/DOC-307454A1.txt FCC's Plan for Ensuring the Security of Telecommunications Networks ]||No||U.S. Government Report|| |
| |- | | |- |
− | | International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||Independent Report||||No | + | | Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008||[[Research_Agenda_for_the_Banking_and_Finance_Sector|Research Agenda for the Banking and Finance Sector ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | Center for a New American Security||2012-06-11||[http://www.cnas.org/node/6405 America’s Cyber Future: Security and Prosperity in the Information Age ]||Independent Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||Independent Report||||No | + | | Franklin, Jason, et. al ||2007||[[An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants|An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]]||Yes||Independent Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | Centre for Secure Information Technologies||2012-09-11||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf World Cybersecurity Technology Research Summit (Belfast 2011) ]||Independent Report||||No | + | | Gandal, Neil ||2008||[[An_Introduction_to_Key_Themes_in_the_Economics_of_Cyber_Security|An Introduction to Key Themes in the Economics of Cyber Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Business Roundtable||2012-10-11||[http://businessroundtable.org/uploads/studies-reports/downloads/2011_10_Mission_Critical_A_Public-Private_Strategy_for_Effective_Cybersecurity.pdf Mission Critical: A Public-Private Strategy for Effective Cybersecurity ]||Independent Report||||No | + | | GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Mitre Corp (JASON Program Office) ||2012-11-10||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||Independent Report||1. [[Overview]],<br>4. [[Issues]]||No | + | | GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Cloud Security Alliance ||2012-12-09||[http://www.cloudsecurityalliance.org/csaguide.pdf Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 ]||Independent Report||3.3.3.3 [[Cloud Computing]],<br>4. [[Issues]],<br>5.2 [[Private Efforts/Organizations]]||No | + | | GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||No||U.S. Government Report||5.3 [[Government Organizations]] |
| |- | | |- |
− | | CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies ||2011-01||[http://csis.org/files/publication/110128_Lewis_CybersecurityTwoYearsLater_Web.pdf Cybersecurity Two Years Later ]||Independent Report||3. [[Threats and Actors]],<br>5. [[Approaches]],<br>5.3 [[Government Organizations]]||No | + | | GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||Independent Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No | + | | GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||Independent Report ||||No | + | | GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | National Research Council ||1999||[[Trust_in_Cyberspace|Trust in Cyberspace ]]||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]]||Yes | + | | GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Anderson, Ross ||2001||[[Why_Information_Security_is_Hard|Why Information Security is Hard ]]||Independent Report ||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>5.1 [[Regulation/Liability]]||Yes | + | | GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Computing Research Association ||2003-||[[Four_Grand_Challenges_in_Trustworthy_Computing|Four Grand Challenges in Trustworthy Computing ]]||Independent Report ||4.4 [[Usability/Human Factors]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]]||Yes | + | | GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Institute for Information Infrastructure Protection ||2003||[[Cyber_Security_Research_and_Development_Agenda|Cyber Security Research and Development Agenda ]]||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||Yes | + | | GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||No||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Dörmann, Knut ||2004||[[Applicability_of_the_Additional_Protocols_to_Computer_Network_Attacks|Applicability of the Additional Protocols to Computer Network Attacks ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Schmitt, Michael N., et. al ||2004||[[Computers_and_War|Computers and War ]]||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Lernard, Thomas M. ||2005||[[An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches|An Economic Analysis of Notification Requirements for Data Security Breaches ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Bohme, Rainer ||2005||[[Cyber-Insurance_Revisited|Cyber-Insurance Revisited ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,4.2.5 [[Market Failure]]||Yes | + | | GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | Bohme, Rainer ||2006||[[Models_and_Measures_for_Correlation_in_Cyber-Insurance|Models and Measures for Correlation in Cyber-Insurance ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes | + | | GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Energetics Inc. ||2006||[[Roadmap_to_Secure_Control_Systems_in_the_Energy_Sector|Roadmap to Secure Control Systems in the Energy Sector ]]||Independent Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes | + | | GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Franklin, Jason, et. al ||2007||[[An_Inquiry_into_the_Nature_and_Causes_of_the_Wealth_of_Internet_Miscreants|An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants ]]||Independent Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes | + | | GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||No||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Moore, Tyler ||2007||[[Examining_the_Impact_of_Website_Take-down_on_Phishing|Examining the Impact of Website Take-down on Phishing ]]||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes | + | | GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||No||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | National Research Council ||2007||[[Toward_a_Safer_and_More_Secure_Cyberspace|Toward a Safer and More Secure Cyberspace ]]||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]]||Yes | + | | GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||No||U.S. Government Report ||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Romanosky et al. ||2008||[[Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft|Do Data Breach Disclosure Laws Reduce Identity Theft ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Financial Services Sector Coordinating Council for Critical Infrastructure Protection ||2008||[[Research_Agenda_for_the_Banking_and_Finance_Sector|Research Agenda for the Banking and Finance Sector ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]]||Yes | + | | GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||No||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Center for Strategic and International Studies ||2008||[[Securing_Cyberspace_for_the_44th_Presidency|Securing Cyberspace for the 44th Presidency ]]||Independent Report ||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]]||Yes | + | | GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Moore, Tyler ||2008||[[The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing|The Consequence of Non-Cooperation in the Fight Against Phishing ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes | + | | GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | National Cyber Defense Initiative ||2009||[[National_Cyber_Defense_Financial_Services_Workshop_Report|National Cyber Defense Financial Services Workshop Report ]]||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||Yes | + | | GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Bohme, Rainer ||2010||[[Modeling_Cyber-Insurance|Modeling Cyber-Insurance ]]||Independent Report ||4.2.2 [[Incentives]],<br>4.2.3 [[Insurance]],<br>,5.2 [[Private Efforts/Organizations]]||Yes | + | | GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Clinton, Larry ||Undated ||[[Cyber-Insurance_Metrics_and_Impact_on_Cyber-Security|Cyber-Insurance Metrics and Impact on Cyber-Security ]]||Independent Report ||4.2.3 [[Insurance]],<br>5.2 [[Private Efforts/Organizations]]||Yes | + | | GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]]||No | + | | GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||No||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America ||2011-03-08||[http://www.cdt.org/files/pdfs/20110308_cbyersec_paper.pdf Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper ]||Industry Report||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5. [[Approaches]]||No | + | | GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> [[4.7 Public-Private Cooperation]]||No | + | | GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||No||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Cyber Security Forum Initiative ||2011-05-09||[http://www.unveillance.com/wp-content/uploads/2011/05/Project_Cyber_Dawn_Public.pdf Cyber Dawn: Libya ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||No||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||Industry Report||4.4 [[Usability/Human Factors]]||No | + | | GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||No||Non-U.S. Government Report || |
| |- | | |- |
− | | McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]]||No | + | | GAO||2009||[[Critical_Infrastructure_Protection|Critical Infrastructure Protection - Current Cyber Sector-Specific Planning Approach Needs Reassessment]]||Yes||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No | + | | GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Booz Allen Hamilton and the Economist Intelligence Unit ||2012-01-15||[http://www.cyberhub.com/CyberPowerIndex Cyber Power Index ]||Industry Report||4. [[Issues]],<br>4.1 [[Metrics]],<br>5. [[Approaches]]||No | + | | GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | GAO||2010||[[Information_Security|Information Security - Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies]]||Yes||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Business Software Alliance ||2012-02-02||[ Global Cloud Computing Scorecard a Blueprint for Economic Opportunity ]||Industry Report||3.3.3.3 [[Cloud Computing]]||No | + | | GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | Geer, Daniel E. and Conway, Daniel G.||2010||[[Nothing_Ventured,_Nothing_Gained|Nothing Ventured, Nothing Gained]]||Yes||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]] |
| |- | | |- |
− | | Microsoft||2012-11-10||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]]||No | + | | Gellman, Robert||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059444.pdf Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks ]||No||Journal Article||4.8 [[Attribution]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Computer Economics, Inc. ||2007||[[2007_Malware_Report|2007 Malware Report ]]||Industry Report ||4.2 [[Economics of Cybersecurity]]||Yes | + | | General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Verizon ||2010||[[2010_Data_Breach_Investigations_Report|2010 Data Breach Investigations Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||Yes | + | | General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | HP TippingPoint DVLabs ||2010||[[2010_Top_Cyber_Security_Risks_Report|2010 Top Cyber Security Risks Report ]]||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]]||Yes | + | | General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||No||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | McAfee, Inc. ||2010||[[McAfee_Threats_Report|McAfee Threats Report ]]||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]]||Yes | + | | General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Symantec Corporation ||2010||[[Symantec_Global_Internet_Security_Threat_Report|Symantec Global Internet Security Threat Report ]]||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]]||Yes | + | | General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Trend Micro Incorporated ||2010||[[Trend_Micro_Annual_Report|Trend Micro Annual Report ]]||Industry Report ||4.11 [[Cybercrime]]||Yes | + | | General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||No||U.S. Government Report || |
| |- | | |- |
− | | Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||Journal Article||||No | + | | General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Schmitt Michael N ||2002||[[Wired_Warfare| Wired warfare: Computer network attack and jus in bello]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Grady, Mark F. ||2006||[[The_Law_and_Economics_of_Cybersecurity|The Law and Economics of Cybersecurity ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Schmitt Michael N ||2004||[[Direct_Participation_in_Hostilities|Direct Participation in Hostilities and 21st Century Armed Conflict]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Graham David E ||2010||[[Cyber_Threats_and_the_Law_of_War| Cyber Threats and the Law of War]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Thom, Maxie ||2006||[[Information_Warfare_Arms_Control| Information Warfare Arms Control: Risks and Costs]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]]||Yes | + | | Granick, Jennifer Stisa ||2005||[[The_Price_of_Restricting_Vulnerability_Publications|The Price of Restricting Vulnerability Publications ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Graham David E ||2010||[[Cyber_Threats_and_the_Law_of_War| Cyber Threats and the Law of War]]||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Hollis, Duncan B. ||2007||[[Why_States_Need_an_International_Law_for_Information_Operations|Why States Need an International Law for Information Operations ]]||Yes||Journal Article ||4.12 [[Cyberwar]],<br>4.13.1 [[Government to Government|Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Dunlap Charles J, Jr ||2011||[[Perspectives_for_Cyber_Strategists_on_Law_for_Cyberwar|Perspectives for Cyber Strategists on Law for Cyberwar]]||Journal Article||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | HP TippingPoint DVLabs ||2010||[[2010_Top_Cyber_Security_Risks_Report|2010 Top Cyber Security Risks Report ]]||Yes||Industry report ||4.11 [[Cybercrime]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Schmitt, Michael N. ||1999||[[Computer_Network_Attack_and_the_Use_of_Force_in_International_Law|Computer Network Attack and the Use of Force in International Law ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | IEEE/EastWest Institute ||2010-05-26||[http://www.ieee-rogucci.org/files/The%20ROGUCCI%20Report.pdf The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) ]||No||Independent Report||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | Barkham, Jason ||2001||[[Information_Warfare_and_International_Law_on_the_Use_of_Force|Information Warfare and International Law on the Use of Force ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Institute for Information Infrastructure Protection ||2003||[[Cyber_Security_Research_and_Development_Agenda|Cyber Security Research and Development Agenda ]]||Yes||Independent Report ||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Swire, Peter P. ||2004||[[A_Model_for_When_Disclosure_Helps_Security|A Model for When Disclosure Helps Security ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Institute for Science and International Security ||2010-12-22||[http://isis-online.org/isis-reports/detail/did-stuxnet-take-out-1000-centrifuges-at-the-natanz-enrichment-plant/ Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment ]||No||Independent Report||3. [[Threats and Actors]],<br>3.3 [[Security Targets]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Aviram, Amitai ||2004||[[Overcoming_Impediments_to_Information_Sharing|Overcoming Impediments to Information Sharing ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||Yes | + | | International Instrument Users Association (WIB) ||2010-11-10||[http://www.isssource.com/wib/ WIB Security Standard Released ]||No||Industry Report||3.3 [[Security Targets]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | Johnson, Vincent R. ||2005||[[Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability|Cybersecurity, Identity Theft, and the Limits of Tort Liability ]]||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||Yes | + | | International Telecommunications Union ||2012-02-10||[http://www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-toolkit-cybercrime-legislation.pdf ITU Toolkit for Cybercrime Legislation ]||No||Independent Report|| |
| |- | | |- |
− | | Powell, Benjamin ||2005||[[Is_Cybersecurity_a_Public_Good|Is Cybersecurity a Public Good ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||No||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]] |
| |- | | |- |
− | | Granick, Jennifer Stisa ||2005||[[The_Price_of_Restricting_Vulnerability_Publications|The Price of Restricting Vulnerability Publications ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Johnson, Eric M. ||2008||[[Managing_Information_Risk_and_the_Economics_of_Security|Managing Information Risk and the Economics of Security ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Brown, Davis ||2006||[[A_Proposal_for_an_International_Convention_To_Regulate_the_Use_of_Information_Systems_in_Armed_Conflict|A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict ]]||Journal Article ||3.3.2.1 [[Military networks (.gov)]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Johnson, Vincent R. ||2005||[[Cybersecurity,_Identity_Theft,_and_the_Limits_of_Tort_Liability|Cybersecurity, Identity Theft, and the Limits of Tort Liability ]]||Yes||Journal Article ||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Swire, Peter P. ||2006||[[A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons|A Theory of Disclosure for Security and Competitive Reasons ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum ||2009-09-15||[http://nationalstrategy.com/Portals/0/National%20Security%20Threats%20in%20Cyberspace%20FINAL%2009-15-09.pdf National Security Threats in Cyberspace ]||No||Independent Report|| |
| |- | | |- |
− | | Kobayashi, Bruce H. ||2006||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]]||Yes | + | | Joseph S. Nye||2010||[[Cyber_Power|Cyber Power]]||Yes||Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Stohl, Michael ||2006||[[Cyber_Terrorism|Cyber Terrorism ]]||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]]||Yes | + | | Journal of Strategic Studies ||2011-10-05||[http://www.tandfonline.com/doi/abs/10.1080/01402390.2011.6089393 Cyber War Will Not Take Place ]||No||Journal Article|| |
| |- | | |- |
− | | Arora et al. ||2006||[[Does_Information_Security_Attack_Frequency_Increase_With_Vulnerability_Disclosure|Does Information Security Attack Frequency Increase With Vulnerability Disclosure ]]||Journal Article ||4.2.1 [[Risk Management and Investment]],<br>4.6 [[Information Sharing/Disclosure]]||Yes | + | | Kelly A. Gable||2010||[[Cyber-Apocalypse_Now|Cyber-Apocalypse Now - Securing the Internet Against Cyberterrorism and Using Universal Jurisdiction as a Deterrent]]||Yes||Journal Article||3.2.4 [[Terrorists]],<br>3.3 [[Security Targets]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Lernard, Thomas M. ||2006||[[Much_Ado_About_Notification|Much Ado About Notification ]]||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulaiton/Liability]]||Yes | + | | Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Anderson, Ross ||2006||[[The_Economics_of_Information_Security|The Economics of Information Security ]]||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||Yes | + | | Kesan, Jay P. and Hayes, Carol M.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059446.pdf Thinking Through Active Defense in Cyberspace ]||No||Journal Article||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Thomas, Rob ||2006||[[The_Underground_Economy|The Underground Economy ]]||Journal Article ||3.2.5 [[Criminals and Criminl Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]]||Yes | + | | Kobayashi, Bruce H.||2005||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and other Public Security Goods]]||Yes||Journal Article||4.2.1 [[Risk Management and Investment]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Telang, Rahul ||2007||[[Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors|Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]]||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]]||Yes | + | | Kobayashi, Bruce H. ||2006||[[An_Economic_Analysis_of_the_Private_and_Social_Costs_of_the_Provision_of_Cybersecurity_and_Other_Public_Security_Goods|An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | Schwartz, Paul ||2007||[[Notification_of_Data_Security_Breaches|Notification of Data Security Breaches ]]||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Korns, Stephen W. ||2009||[[Cyber_Operations|Cyber Operations ]]||Yes||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | Hollis, Duncan B. ||2007||[[Why_States_Need_an_International_Law_for_Information_Operations|Why States Need an International Law for Information Operations ]]||Journal Article ||4.12 [[Cyberwar]],<br>4.13.1 [[Government to Government Espionage]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Kramer, Franklin D., et. al ||2009||[[Cyberpower_and_National_Security|Cyberpower and National Security ]]||Yes||Book ||1. [[Overview]] |
| |- | | |- |
− | | Epstein, Richard A. ||2008||[[Cybersecurity_in_the_Payment_Card_Industry|Cybersecurity in the Payment Card Industry ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||Yes | + | | Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Todd, Graham H. ||2009||[[Armed_Attack_in_Cyberspace|Armed Attack in Cyberspace ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes | + | | Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||No||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Korns, Stephen W. ||2009||[[Cyber_Operations|Cyber Operations ]]||Journal Article ||4.8 [[Attribution]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]]||Yes | + | | Lan, Tang et al.||2010||[[Global_Cyber_Deterrence|Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway]]||Yes||Independent Report||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | Beard, Jack M. ||2009||[[Law_and_War_in_the_Virtual_Era|Law and War in the Virtual Era ]]||Journal Article ||4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Lernard, Thomas M. ||2005||[[An_Economic_Analysis_of_Notification_Requirements_for_Data_Security_Breaches|An Economic Analysis of Notification Requirements for Data Security Breaches ]]||Yes||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Sklerov, Matthew J. ||2009||[[Solving_the_Dilemma_of_State_Responses_to_Cyberattacks|Solving the Dilemma of State Responses to Cyberattacks ]]||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[Internaitonal Law (including Laws of War)]]||Yes | + | | Lernard, Thomas M. ||2006||[[Much_Ado_About_Notification|Much Ado About Notification ]]||Yes||Journal Article ||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Moore, Tyler, et. al ||2009||[[The_Economics_of_Online_Crime|The Economics of Online Crime ]]||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]]||Yes | + | | Lewis, James Andrews||2005||[[Cyber_Security_and_Regulation_in_the_United_States|Aux armes, citoyens: Cyber Security and Regulation in the United States]]||Yes||Journal Article||3.3.1 [[Public Critical Infrastructure,<br>3.3.2.2 [[Financial Institutions and Networks]],<br>3.3.2.3 [[Transportation]] |
| |- | | |- |
− | | Watts, Sean ||2010||[[Combatant_Status_and_Computer_Network_Attack|Combatant Status and Computer Network Attack ]]||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | Libicki, Martin||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059490.pdf Pulling Punches in Cyberspace]||No||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Varian, Hal ||2000||[[Managing_Online_Security_Risks|Managing Online Security Risks ]]||Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]]||Yes | + | |Lin, Herbert||2012||[[Media:Lin-Cyber_Conflict_and_National_Security_2012.pdf|Cyber Conflict and National Security]]||No||Article|| |
| |- | | |- |
− | | European Network and Information Security Agency ||2010-10-07||[http://www.enisa.europa.eu/media/press-releases/stuxnet-analysis Stuxnet Analysis ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>5.7 [[Technology]]||No | + | | Lukasik, Stephen J.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059438.pdf A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declatory Policies for these Domain]||No||Journal Article||3.2 [[Actors and Incentives]],<br>5.4 [[International Cooperation]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | European Network and Information Security Agency (ENISA) ||2011-04-11||[http://www.enisa.europa.eu/act/res/other-areas/inter-x/report/interx-report Resilience of the Internet Interconnection Ecosystem, at: ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | Massachusetts Institute of Technology (MIT) ||2011-12-05||[http://web.mit.edu/mitei/research/studies/the-electric-grid-2011.shtml The Future of the Electric Grid ]||No||Independent Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4. [[Issues]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Cabinet Office (United Kingdom) ||2012-11-11||[http://www.cabinetoffice.gov.uk/sites/default/files/resources/uk-cyber-security-strategy-final.pdf The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world ]||Non-U.S. Government Report||3. [[Threats and Actors]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | McAfee ||2011-08-02||[http://www.mcafee.com/us/resources/white-papers/wp-operation-shady-rat.pdf Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years ]||No||Industry Report||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.13 [[Espionage]] |
| |- | | |- |
− | | GAO||2012-02-28||[http://www.csit.qub.ac.uk/media/pdf/Filetoupload,252359,en.pdf Cybersecurity: Challenges to Securing the Modernized Electricity Grid ]||Non-U.S. Government Report ||||No | + | | McAfee ||2012-02-01||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf?cid=WBB048 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World ]||No||Industry Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | van Eeten, Michel J. G. ||2008||[[Economics_of_Malware|Economics of Malware ]]||Non-U.S. Government Report ||4.2 [[Economics of Cybersecurity]]||Yes | + | | McAfee and Center for Strategic and International Studies (CSIS) ||2011-04-21||[http://www.mcafee.com/us/resources/reports/rp-critical-infrastructure-protection.pdf In the Dark: Crucial Industries Confront Cyberattacks ]||No||Industry Report||3. [[Threats and Actors]],<br>3.3.2 [[Private Critical Infrastructure]],<br> 4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Dunlap, Charles J. Jr. ||2009||[[Towards_a_Cyberspace_Legal_Regime_in_the_Twenty-First_Century|Towards a Cyberspace Legal Regime in the Twenty-First Century ]]||Article||4.5 [[Psychology and Politics]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | McAfee and the Security Defense Agenda||2012-02-12||[http://www.mcafee.com/us/resources/reports/rp-sda-cyber-security.pdf Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World]||No||Industry Report||1. [[Overview]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | Anderson, Ross, et. al ||2008||[[Security_Economics_and_the_Internal_Market|Security Economics and the Internal Market ]]||Article||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.6 [[Deterrence]]||Yes | + | | McAfee, Inc. ||2010||[[McAfee_Threats_Report|McAfee Threats Report ]]||Yes||Industry Report ||3.2.3 [[Hacktivists]],<br>3.2.5 [[Criminals and Criminal Organizations]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | McDermott, Rose||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059442.pdf Decision Making Under Uncertainty]||No||Journal Article||4.4 [[Usability/Human Factors]],<br>4.5 [[Psychology and Politics]],<br>4.8 [[Attribution]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No | + | | Microsoft||2010-11||[http://cdn.globalfoundationservices.com/documents/InformationSecurityMangSysforMSCloudInfrastructure.pdf Information Security Management System for Microsoft Cloud Infrastructure ]||No||Industry Report||3.3.3.3 [[Cloud Computing]],<br>5.2 [[Private Efforts/Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No | + | | Mitre Corp (JASON Program Office) ||2010-11||[http://www.fas.org/irp/agency/dod/jason/cyber.pdf Science of Cyber-Security ]||No||Independent Report||1. [[Overview]],<br>4. [[Issues]] |
| |- | | |- |
− | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||U.S. Government Hearing||||No | + | | Moore, Tyler||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059364.pdf Introducing the Economics of Cybersecurity: Principles and Policy Options]||No||Journal Article||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | Moore, Tyler ||2007||[[Examining_the_Impact_of_Website_Take-down_on_Phishing|Examining the Impact of Website Take-down on Phishing ]]||Yes||Independent Report ||4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||U.S. Government Hearing||3.3.2.1 [[Electricity]]||No | + | | Moore, Tyler ||2008||[[The_Consequence_of_Non-Cooperation_in_the_Fight_Against_Phishing|The Consequence of Non-Cooperation in the Fight Against Phishing ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]] |
| |- | | |- |
− | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]]||No | + | | Moore, Tyler ||2009||[[The_Impact_of_Incentives_on_Notice_and_Take-down|The Impact of Incentives on Notice and Take-down ]]||Yes||Book ||4.2.2 [[Incentives]],<br>4.11 [[Cybercrime]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]]||No | + | | Moore, Tyler, et. al ||2009||[[The_Economics_of_Online_Crime|The Economics of Online Crime ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]] |
| |- | | |- |
− | | U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | Morgan, Patrick M. ||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059436.pdf Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm ]||No||Journal Article||4.12 [[Cyberwar]],<br>5.4 [[International Cooperation]],<br>5.6 [[Deterrence ]] |
| |- | | |- |
− | | U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs ]||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No | + | | National Association of Secretaries of State ||2012-01-12||[http://www.nass.org/index.php?option=com_docman&task=doc_download&gid=1257 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices ]||No||Independent Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No | + | | National Cyber Defense Initiative ||2009||[[National_Cyber_Defense_Financial_Services_Workshop_Report|National Cyber Defense Financial Services Workshop Report ]]||Yes||Independent Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||U.S. Government Hearing||3.2.1 [[Governments]],<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]]||No | + | | National Cyber Security Alliance and Microsoft ||2011-05-13||[http://www.staysafeonline.org/sites/default/files/resource_documents/2011%20National%20K-12%20Study%20Final_0.pdf 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey ]||No||Industry Report||4.4 [[Usability/Human Factors]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | National Cyber Security Summit Task Force ||2004||[[Information_Security_Governance|Information Security Governance ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]]||No | + | | National Infrastructure Advisory Council ||2004||[[Hardening_The_Internet|Hardening The Internet ]]||Yes||U.S. Government Report ||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No | + | | National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||No||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No | + | | National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||No||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||No | + | | National Institute of Standards and Technology ||2006||[[SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security|SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 [[Risk Management and Investment]],<br>5.2 [[Private Efforts/Organizations]] |
| |- | | |- |
− | | U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]]||No | + | | National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | National Research Council ||2009||[[Media:NRC-Cyberattack_Capabilities-2009.pdf|Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities]]||No||Independent Report|| |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s Support Anti-terrorism by Fostering Effective Technologies - P.L. 107-296] Potential to Promote Technology and Combat Terrorism ]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No | + | | National Research Council ||2010-09-21||[http://www.nap.edu/catalog.php?record_id=12998 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop ]||No||Independent Report||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>4.10 [[Privacy]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | National Research Council ||2010-10-05||[http://www.nap.edu/catalog.php?record_id=12997#description Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy ]||No||Independent Report||3. [[Threats and Actors]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]]||No | + | | National Research Council ||1999||[[Trust_in_Cyberspace|Trust in Cyberspace ]]||Yes||Independent Report ||3.3.3.2 [[Public Data Networks]],<br>4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No | + | | National Research Council ||2007||[[Toward_a_Safer_and_More_Secure_Cyberspace|Toward a Safer and More Secure Cyberspace ]]||Yes||Independent Report ||1. [[Overview]],<br>4.8 [[Attribution]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No | + | | National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||No||Independent Reprot ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | National Science and Technology Council ||2006||[[Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development|Federal Plan for Cyber Security and Information Assurance Research and Development ]]||Yes||U.S. Government Report ||4.1 [[Metrics]],<br>4.7 [[Attribution]],<br>4.8 [[Public-Private Cooperation]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||No||U.S. Government Report||5.7 [[Technology]] |
| |- | | |- |
− | | U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]]||No | + | | National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||No||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No | + | | National Security Cyberspace Institute||2012-07-11||[http://www.nsci-va.org/WhitePapers/2011-07-22-Cyber Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies ]||No||Independent Report|| |
| |- | | |- |
− | | U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | National Security Initiative ||2010-10-18||[http://www.americansecuritychallenge.com/ American Security Challenge ]||No||Independent Report|| |
| |- | | |- |
− | | U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]]||No | + | | Networking and Information Technology Research and Development ||2009||[[National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report|National Cyber Leap Year Summit 2009, Co-Chairs' Report ]]||Yes||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[public-Private Cooperation]]||No | + | | NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||U.S. Government Hearing||3.11 [[Cybercrime]],<br>4.13.2 [[Industrial Espionage]],<br>5.1 [[Regulation/Liability]]||No | + | | NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 [[Government Organizations]]||No | + | | Nojeim, Gregory T.||2009||[[Cybersecurity:_Preventing_Terrorist_Attacks_and_Protecting_Privacy_in_Cyberspace|Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace]]||Yes||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||No||U.S. Government Report||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13.2 [[Industrial Espionage]],<br>5.4 [[International Cooperation]]||No | + | | NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||No||U.S. Government Report||5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No | + | | Nye, Joseph ||2010||[[Cyber_Power|Cyber Power ]]||Yes||Book ||4.12 [[Cyberwar]],<br>4.13 [[Espionage]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||U.S. Government Hearing||4.12 [[Cyberwar]]||No | + | | OECD||2009||[[Cybersecurity_and_Economic_Incentives|Cybersecurity and Economic Incentives]]||Yes||Non-U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]] |
| |- | | |- |
− | | U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]]||No | + | | OECD||2009||[[The_Market_Consequences_of_Cybersecurity|The Market Consequences of Cybersecurity]]||Yes||Non-U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.2.2 [[Incentives]] |
| |- | | |- |
− | | U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]]||No | + | | Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||No||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]] |
| |- | | |- |
− | | U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]]||No | + | | Organisation for Economic Co-operation and Development (OECD) ||2010-11-12||[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.165.2211&rep=rep1&type=pdf The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data ]||No||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>5.1 [[Regulation/Liability]]||No | + | | Organization for Economic Co-operation and Development (OECD) ||2012-01-10||[http://www.oecd-ilibrary.org/docserver/download/fulltext/5k9h2q8v9bln.pdf?expires=1330527950&id=id&accname=guest&checksum=F4470043AC638BE19D5131C3D5CE5EA4 ICT Applications for the Smart Grid: Opportunities and Policy Implications ]||No||Independent Report || |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||No||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||U.S. Government Hearing||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||No||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No | + | | Perkins, Earl||2009||[[Evolving_Cybersecurity_Issues_in_the_Utility_Industry|Evolving Cybersecurity Issues in the Utility Industry]]||Yes||Independent Report||3.3.2 [[Private Critical Infrastructure]],<br>3.3.2.4 [[Water, Sewer, etc.]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||U.S. Government Hearing||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No | + | | Pew Research Center’s Internet & American Life Project ||2010-06-11||[http://pewinternet.org/Reports/2010/The-future-of-cloud-computing.aspx The future of cloud computing ]||No||Independent Report||3.3.3.3 [[Cloud Computing]] |
| |- | | |- |
− | | U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Powell, Benjamin ||2005||[[Is_Cybersecurity_a_Public_Good|Is Cybersecurity a Public Good ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.5 [[Market Failure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks The Pivotal Role of Communications]||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | President's Commission on Critical Infrastructure Protection ||1997||[[Critical_Foundations|Critical Foundations ]]||Yes||U.S. Government Report ||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]]||No | + | | President's Information Technology Advisory Council ||2005||[[Cyber_Security:_A_Crisis_of_Prioritization|Cyber Security: A Crisis of Prioritization ]]||Yes||U.S. Government Report ||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>Government [[Organizations]]||No | + | | Project on National Security Reform (PNSR) ||2010-11||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||No||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No | + | | Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||U.S. Government Hearing||4.3 [[Supply Chain Issues]]||No | + | | RAND||2011-12-21||[http://www.rand.org/content/dam/rand/pubs/occasional_papers/2011/RAND_OP342.pdf A Cyberworm that Knows No Boundaries ]||No||Independent Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]]||No | + | | Rattray, Gregory and Healey, Jason||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059437.pdf Categorizing and Understanding Offensive Cyber Capabilities and Their Use ]||No||Journal Article||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | Rollins, John and Wilson, Clay||2007||[[Terrorist_Capabilities_for_Cyberattack|Terrorist Capabilities for Cyberattack]]||Yes||U.S. Government Report||3.2.4 [[Terrorists]],<br>3.3 [[Security Targets]],<br>4.2.2 [[Incentives]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Romanosky et al. ||2008||[[Do_Data_Breach_Disclosure_Laws_Reduce_Identity_Theft|Do Data Breach Disclosure Laws Reduce Identity Theft ]]||Yes||Independent Report ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No | + | | Rosenzweig, Paul||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059443.pdf The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence ]||No||Journal Article||4.3 [[Supply Chain Issues]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||U.S. Government Hearing||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No | + | | Rotenberg et. al. ||2010||[[The_Cyber_War_Threat_Has_Been_Grossly_Exaggerated|The Cyber War Threat Has Been Grossly Exaggerated ]]||Yes||Article||3.1 [[The Threat and Skeptics]],<br>3.2.1 [[States]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | GAO||2004-05-28||[http://www.gao.gov/assets/160/157541.pdf Technology Assessment: Cybersecurity for Critical Infrastructure Protection]||U.S. Government Report||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.7 [[Technology]]||No | + | | Rue, Rachel and Pfleeger, Shari Lawrence||2009||[[Making_the_Best_Use_of_Cybersecurity_Economic_Models|Making the Best Use of Cybersecurity Economic Models]]||Yes||Journal Article||4.1 [[Metrics]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Santos, Joost R., et. al||2007||[[A_Framework_for_Linking_Cybersecurity_Metrics_to_the_Modeling_of_Macroeconomic_Interdependencies|A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies]]||Yes||Journal Article||3.3.2 [[Private Critical Infrastructure]],<br>4.1 [[Metrics]] |
| |- | | |- |
− | | Wilson, Clay<br />CRS||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]]||No | + | | Schmitt Michael N ||2002||[[Wired_Warfare| Wired warfare: Computer network attack and jus in bello]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | GAO||2008-07-31||[http://www.gao.gov/assets/280/279084.pdf Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability]||U.S. Government Report||5.3 [[Government Organizations]]||No | + | | Schmitt Michael N ||2004||[[Direct_Participation_in_Hostilities|Direct Participation in Hostilities and 21st Century Armed Conflict]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Department of Homeland Security||2009-09-16||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf National Cyber Leap Year Summit 2009: Co-Chairs' Report]||U.S. Government Report||3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]],<br>4.8 [[Attribution]]||No | + | | Schmitt, Michael N. ||1999||[[Computer_Network_Attack_and_the_Use_of_Force_in_International_Law|Computer Network Attack and the Use of Force in International Law ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | GAO||2009-09-24||[http://www.gao.gov/new.items/d09969.pdf Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | Schmitt, Michael N. ||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059439.pdf Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts]||No||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Federal Communications Commission (FCC) ||2010-04-21||[http://hraunfoss.fcc.gov/edocs_public/attachmatch/DOC-305618A1.doc Explore the reliability and resiliency of commercial broadband communications networks ]||U.S. Government Report||3.3.3 [[Communications]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | Schmitt, Michael N., et. al ||2004||[[Computers_and_War|Computers and War ]]||Yes||Independent Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Department of Energy, Idaho National Laboratory ||2010-05-01||[http://www.fas.org/sgp/eprint/nstb.pdf NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses ]||U.S. Government Report||3.3.2 [[Private Critical Infrastructure]],<br>5.7 [[Technology]]||No | + | | Schneidewind, Norman||2010||[[Metrics_for_Mitigating_Cybersecurity_Threats_to_Networks|Metrics for Mitigating Cybersecurity Threats to Networks]]||Yes||Journal Article||4.1 [[Metrics]] |
| |- | | |- |
− | | GAO||2010-06-03||[http://www.gao.gov/assets/310/305208.pdf Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | Schneier, Bruce ||2003||[[Beyond_Fear|Beyond Fear ]]||Yes||Book ||3.2 [[Actors and Incentives]],<br>4.5 [[Psychology and Politics]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report||3.3 [[Security Targets]],<br>4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]]||No | + | | Schneier, Bruce ||2008||[[Schneier_on_Security|Schneier on Security ]]||Yes||Book ||3.2 [[Actors and Incentives]],<br>4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | National Institute of Standards and Technology (NIST) ||2010-09-02||[http://www.nist.gov/public_affairs/releases/nist-finalizes-initial-set-of-smart-grid-cyber-security-guidelines.cfm NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | Schwartz, Paul ||2007||[[Notification_of_Data_Security_Breaches|Notification of Data Security Breaches ]]||Yes||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||No||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | Kundra, Vivek||2010-12-09||[http://www.cio.gov/documents/25-point-implementation-plan-to-reform-federal%20it.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | Shackelford, Scott J.||2010||[[Estonia_Three_Years_Later|Estonia Three Years Later]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | Kerr, Paul K. et al.<br />CRS||2010-12-09||[http://www.fas.org/sgp/crs/natsec/R41524.pdf The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability]||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]],<br>5.4 [[International Law (including Laws of War)]]||No | + | | Shah, Shashi K.||2004||[[The_Evolving_Landscape_of_Maritime_Cybersecurity|The Evolving Landscape of Maritime Cybersecurity]]||Yes||Journal Article||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2.3 [[Transportation]] |
| |- | | |- |
− | | White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]]||No | + | | Sklerov, Matthew J. ||2009||[[Solving_the_Dilemma_of_State_Responses_to_Cyberattacks|Solving the Dilemma of State Responses to Cyberattacks ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | Sofaer, Abraham; Clark, David; and Diffie, Whitfield||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059440.pdf Cyber Security and International Cooperation ]||No||Journal Article||5.1 [[Regulation/Liability]],<br>5.4 [[International Cooperation]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | North American Electric Reliability Corp. (NERC) ||2011-01-26||[http://www.wired.com/images_blogs/threatlevel/2011/02/DoE-IG-Report-on-Grid-Security.pdf Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security ]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]]||No | + | | Software and Information Industry Association (SAII) ||2011-07-26||[http://www.siia.net/index.php?option=com_docman&task=doc_download&gid=3040&Itemid=318 Guide to Cloud Computing for Policy Makers ]||No||Independent Report ||3.3.3.3 [[Cloud Computing]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Kundra, Vivek||2011-02-08||[http://www.cio.gov/documents/federal-cloud-computing-strategy.pdf Federal Cloud Computing Strategy]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | Stohl, Michael ||2006||[[Cyber_Terrorism|Cyber Terrorism ]]||Yes||Journal Article ||3.2.3 [[Hacktivists]],<br>3.2.4 [[Terrorists]],<br>4.5 [[Psychology and Politics]] |
| |- | | |- |
− | | James Clapper, Director of National Intelligence ||2011-02-10||[http://www.dni.gov/testimonies/20110210_testimony_clapper.pdf Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) ]||U.S. Government Report||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]]||No | + | | Stuart Madnick et al.||2009||[[Experiences_and_Challenges_with_Using_CERT_Data_to_Analyze_International_Cyber_Security|Experiences and Challenges with Using CERT Data to Analyze International Cyber Security]]||Yes||Journal Article||4.6 [[Information Sharing/Disclosure]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | Swire, Peter P. ||2004||[[A_Model_for_When_Disclosure_Helps_Security|A Model for When Disclosure Helps Security ]]||Yes||Journal Article ||4.2.2 [[Incentives]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]]||No | + | | Swire, Peter P. ||2006||[[A_Theory_of_Disclosure_for_Security_and_Competitive_Reasons|A Theory of Disclosure for Security and Competitive Reasons ]]||Yes||Journal Article ||4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||U.S. Government Report||||No | + | | Symantec||2011-10-24||[http://www.symantec.com/connect/w32_duqu_precursor_next_stuxnet W32.Duqu: The Precursor to the Next Stuxnet ]||No||Industry Report||3. [[Threats and Actors]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Federal Communications Commission (FCC) ||2011-06-03||[ftp://ftp.fcc.gov/pub/Daily_Releases/Daily_Business/2011/ db0610/DOC-307454A1.txt FCC's Plan for Ensuring the Security of Telecommunications Networks ]||U.S. Government Report||||No | + | | Symantec Corporation ||2010||[[Symantec_Global_Internet_Security_Threat_Report|Symantec Global Internet Security Threat Report ]]||Yes||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | National Science Foundation||2011-08-11||[http://www.livescience.com/15423-forefront-cyber-security-research-nsf-bts.html At the Forefront of Cyber Security Research ]||U.S. Government Report||5.7 [[Technology]]||No | + | | Telang, Rahul ||2007||[[Impact_of_Software_Vulnerability_Announcements_on_the_Market_Value_of_Software_Vendors|Impact of Software Vulnerability Announcements on the Market Value of Software Vendors ]]||Yes||Journal Article ||4.1 [[Metrics]],<br>4.2 [[Economics of Cybersecurity]],<br>4.6 [[Information Sharing/Disclosure]] |
| |- | | |- |
− | | National Initiative for Cybersecurity Education||2011-08-11||[http://csrc.nist.gov/nice/documents/nicestratplan/Draft_NICE-Strategic-Plan_Aug2011.pdf National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation]||U.S. Government Report||1. [[Overview]],<br>5.3 [[Government Organizations]]||No | + | | Theohary, Catherine A. and Rollins, John||2010||[[Cybersecurity:_Current_Legislation,_Executive_Branch_Initiatives,_and_Options_for_Congress|Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress]]||Yes||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Office of the National Counterintelligence Executive ||2011-11-03||[http://www.ncix.gov/publications/reports/fecie_all/Foreign_Economic_Collection_2011.pdf Foreign Spies Stealing US Economic Secrets in Cyberspace ]||U.S. Government Report||3. [[Threats and Actors]],<br>3.2 [[Actors and Incentives]],<br>4.13 [[Espionage]]||No | + | | Thom, Maxie ||2006||[[Information_Warfare_Arms_Control| Information Warfare Arms Control: Risks and Costs]]||Yes||Journal Article||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5. [[Approaches]] |
| |- | | |- |
− | | Department of Defense ||2011-11-15||[http://www.defense.gov/home/features/2011/0411_cyberstrategy/docs/NDAA%20Section%20934%20Report_For%20webpage.pdf Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 ]||U.S. Government Report||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Thomas, Rob ||2006||[[The_Underground_Economy|The Underground Economy ]]||Yes||Journal Article ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | National Initiative for Cybersecurity Education (NICE) ||2011-11-21||[http://csrc.nist.gov/nice/framework/documents/NICE-Cybersecurity-Workforce-Framework-printable.pdf NICE Cybersecurity Workforce Framework ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No | + | | Threat Level Blog (Wired) ||2010-12-27||[http://www.wired.com/threatlevel/2010/12/a-four-day-dive-into-stuxnets-heart/ A Four-Day Dive Into Stuxnet’s Heart ]||No||Independent Report||3. [[Threats and Actors]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination ]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No | + | | Todd, Graham H. ||2009||[[Armed_Attack_in_Cyberspace|Armed Attack in Cyberspace ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.8 [[Attribution]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | GAO||2012-01-13||[http://www.gao.gov/assets/590/587681.pdf Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements]||U.S. Government Report||3.3.1.2 [[Military Networks (.mil)]],<br>4.7 [[Public-Private Cooperation]]||No | + | | Trend Micro Incorporated ||2010||[[Trend_Micro_Annual_Report|Trend Micro Annual Report ]]||Yes||Industry Report ||4.11 [[Cybercrime]] |
| |- | | |- |
− | | National Science Foundation||2012-01-17||[http://www.nsf.gov/awardsearch/showAward.do?AwardNumber=1127185 Information Security Risk Taking ]||U.S. Government Report||4.1 [[Metrics]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Defense ||2012-04-11||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DoD) ]||U.S. Government Report||||No | + | | U.S. Army War College ||2011-05-09||[http://www.strategicstudiesinstitute.army.mil/pubs/display.cfm?pubid=10670 Cyber Infrastructure Protection ]||No||U.S. Government Report|| |
| |- | | |- |
− | | Fischer, Eric A.<br />CRS||2012-04-23||[http://www.fas.org/sgp/crs/natsec/R42114.pdf Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions]||U.S. Government Report||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]]||No | + | | U.S. Army War College, Strategy Research Project ||2011-03-24||[http://www.dtic.mil/dtic/tr/fulltext/u2/a552990.pdf China’s Cyber Power and America’s National Security ]||No||U.S. Government Report||3.2.1 [[States]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Project on National Security Reform (PNSR) ||2012-11-10||[http://www.pnsr.org/data/images/pnsr_the_power_of_people_report.pdf The Power of People: Building an Integrated National Security Professional System for the 21st Century ]||U.S. Government Report||4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Department of Energy, Infrastructure Security and Energy Restoration ||2007-01-01||[http://www.oe.netl.doe.gov/docs/prepare/21stepsbooklet.pdf 21 Steps to Improve Cyber Security of SCADA Networks ]||No||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Department of Homeland Security||2007-06||[http://www.oig.dhs.gov/assets/Mgmt/OIG_07-48_Jun07.pdf Challenges Remain in Securing the Nation’s Cyber Infrastructure]||U.S. Government Report||4.6 [[Information Sharing]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||No||U.S. Government Report || |
| |- | | |- |
− | | White House||2009||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]]||No | + | | U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power)||2011-03-31||[http://www.dhs.gov/ynews/testimony/testimony_1301595025263.shtm Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs ]||No||U.S. Government Hearing||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Homeland Security||2009-11||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf A Roadmap for Cybersecurity Research]||U.S. Government Report||1. [[Overview]],<br>4.2.1 [[Risk management and Investment]]||No | + | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-02-11||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=90d8a16a-23b7-4b9c-a732-cb10ab20e579&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=2&YearDisplay=2011 What Should the Department of Defense’s Role in Cyber Be?]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Homeland Security||2010-08||[http://www.dhs.gov/xoig/assets/mgmtrpts/OIG_10-111_Aug10.pdf DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-03-16||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=79ce7b4c-f88b-40bf-9540-efdb3a2d26b2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2011 2012 Budget Request from U.S. Cyber Command]||No||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]] |
| |- | | |- |
− | | Department of Homeland Security||2010-09||[http://www.federalnewsradio.com/pdfs/NCIRP_Interim_Version_September_2010.pdf National Cyber Incident Response Plan]||U.S. Government Report||3. [[Threats and Actors]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-11-03||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=42c170fb-8e0c-453a-81a2-f4ee3fa89283&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=11&YearDisplay=2011 Institutionalizing Irregular Warfare Capabilities]||No||U.S. Government Hearing||4.12 [[Cyberwar]] |
| |- | | |- |
− | | PCAST||2010-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology]||U.S. Government Report||4.3 [[Supply Chain Issues]],<br>4.10 [[Privacy]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://armedservices.house.gov/index.cfm/hearings-display?ContentRecord_id=92823c77-38f0-4c20-a3ee-36729e8e19a3&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=64562e79-731a-4ac6-aab0-7bd8d1b7e890&MonthDisplay=3&YearDisplay=2012 Fiscal 2013 Defense Authorization: IT and Cyber Operations]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]]||No | + | | U.S. House Committee on Energy and Commerce||2011-05-31||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8639 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Department of Justice||2011-04||[http://www.justice.gov/oig/reports/FBI/a1122r.pdf The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat]||U.S. Government Report||4.6 [[Information Sharing/Disclosure]],<br>4.11 [[Cybercrime]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade)||2011-06-02||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8653 Sony and Epsilon: Lessons for Data Security Legislation]||No||U.S. Government Hearing||4.9 [[Identity Management]],<br>5.1 [[Regulation/Liability]],<br>5.2 [[Private Efforts/Organizations]] |
| |- | | |- |
− | | White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||U.S. Government Report||1. [[Overview]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing)||2011-06-15||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8693 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Department of Commerce, Internet Policy Task Force||2011-06||[http://www.nist.gov/itl/upload/Cybersecurity_Green-Paper_FinalVersion.pdf Cybersecurity, Innovation and the Internet Economy]||U.S. Government Report||4.2 [[Economics of Cybersecurity]],<br>4.7 [[Public-Private Cooperation]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-07||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9342 Cybersecurity:Networks The Pivotal Role of Communications]||No||U.S. Government Hearing||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | PCAST||2011-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-advanced-manufacturing-june2011.pdf Report to the President on Ensuring American Leadership in Advanced Manufacturing]||U.S. Government Report||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology)||2012-03-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9397 Cybersecurity:Threats to Communications Networks and Public-Sector Responses]||No||U.S. Government Hearing||3.3.3 [[Communications]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Energy Sector Control Systems Working Group||2011-09||[http://www.cyber.st.dhs.gov/wp-content/uploads/2011/09/Energy_Roadmap.pdf Roadmap to Achieve Energy Delivery Systems Cybersecurity]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.7 [[Public-Private Cooperation]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2011-07-26||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=8824 Cybersecurity: Infrastructure An Overview of Risks to Critical]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Homeland Security||2011-11||[http://www.dhs.gov/xlibrary/assets/nppd/blueprint-for-a-secure-cyber-future.pdf Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise]||U.S. Government Report||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-02-28||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9318 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | NSTC||2011-12||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program]||U.S. Government Report||5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations)||2012-03-27||[http://energycommerce.house.gov/hearings/hearingdetail.aspx?NewsID=9393 IT Supply Chain Security: Review of Government and Industry Efforts]||No||U.S. Government Hearing||4.3 [[Supply Chain Issues]] |
| |- | | |- |
− | | White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||U.S. Government Report||4.3 [[Supply Chain Issues]]||No | + | | U.S. House Committee on Financial Services (field hearing in Hoover, AL)||2011-06-29||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=246611 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information]||No||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]]||No | + | | U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit)||2011-09-14||[http://financialservices.house.gov/Calendar/EventSingle.aspx?EventID=258792 Combating Cybercriminals]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>3.3.2.2 [[Financial Institutions and Networks]],<br>5.7 [[Government Organizations]] |
| |- | | |- |
− | | Department of Energy||2012-04||[http://energy.gov/sites/prod/files/OAS-RA-12-04.pdf The Department's Management of the Smart Grid Investment Grant Program]||U.S. Government Report||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]]||No | + | | U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations)||2011-04-15||[http://foreignaffairs.house.gov/hearing_notice.asp?id=1279 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology]||No||U.S. Government Hearing||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>4.13 [[Espionage]] |
| |- | | |- |
− | | GAO||2003-08-27||[http://www.gao.gov/products/GAO-03-760 Efforts to Improve Information sharing Need to Be Strengthened ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-19||[http://homeland.house.gov/hearing/subcommittee-hearing-dhs-and-doe-national-labs-finding-efficiencies-and-optimizing-outputs The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence)||2012-04-26||[http://homeland.house.gov/hearing/joint-subcommittee-hearing-iranian-cyber-threat-us-homeland Iranian Cyber Threat to U.S. Homeland]||No||U.S. Government Hearing||3.2.1 [[States]],<br>3.3 [[Security Targets]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | GAO||2009-11-17||[http://www.gao.gov/products/GAO-10-230t Continued Efforts Are Needed to Protect Information Systems from Evolving Threats ]||U.S. Government Report ||3.2 [[Actors and Incentives]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-02-11||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cpreventing-chemical-terrorism-building-foundation-security-our-nation Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-03-16||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-cyber-threat-critical-infrastructure-and-american-economy Examining the Cyber Threat to Critical Infrastructure and the American Economy]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3 [[Security Targets]],<br>4.2 [[Economics of Cybersecurity]] |
| |- | | |- |
− | | GAO||2010-03-05||[http://www.gao.gov/products/GAO-10-338 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-04-15||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9C-dhs-cybersecurity-mission-promoting-innovation-and-securing-critical DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-06-24||[http://homeland.house.gov/hearing/subcommittee-hearing-examining-homeland-security-impact-obamaadministrations-cybersecurity Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | GAO||2010-03-24||[http://www.gao.gov/products/GAO-10-536t Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2011-12-06||[http://homeland.house.gov/hearing/subcommittee-hearing-hearing-draft-legislative-proposal-cybersecurity Hearing on Draft Legislative Proposal on Cybersecurity]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-04-12||[http://www.gao.gov/products/GAO-10-237 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies)||2012-02-01||[http://homeland.house.gov/markup/subcommittee-markup-hr-3674 Consideration and Markup of H.R. 3674]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-06-16||[http://www.gao.gov/products/GAO-10-834t Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology)||2011-10-06||[http://homeland.house.gov/hearing/cloud-computing-what-are-security-implications Cloud Computing: What are the Security Implications?]||No||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.13 [[Espionage]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies)||2011-05-26||[http://homeland.house.gov/hearing/subcommittee-hearing-%E2%80%9Cunlocking-safety-act%E2%80%99s-potential-promote-technology-and-combat Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism ]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management)||2012-04-24||[http://homeland.house.gov/hearing/subcommittee-hearing-america-under-cyber-attack-why-urgent-action-needed America is Under Cyber Attack: Why Urgent Action is Needed]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.2 [[Actors and Incentives]] |
| |- | | |- |
− | | GAO||2010-07-01||[http://www.gao.gov/products/GAO-10-513 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Oversight and Government Reform||2011-07-07||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-nations-ability-to-address-the-growing-cyber-threat/ Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat]||No||U.S. Government Hearing||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||U.S. Government Report ||5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations)||2011-05-25||[http://oversight.house.gov/hearing/cybersecurity-assessing-the-immediate-threat-to-the-united-states/ Cybersecurity: Assessing the Immediate Threat to the United States]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | GAO||2010-07-15||[http://www.gao.gov/products/GAO-10-628 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Science, Space and Technology||2011-07-21||[http://science.house.gov/markup/full-committee-%E2%80%93-markup Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | U.S. Air Force ||2010-07-15||[http://www.e-publishing.af.mil/shared/media/epubs/afdd3-12.pdf Cyberspace Operations: Air Force Doctrine Document 3-12 ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education)||2011-05-25||[http://science.house.gov/hearing/subcommittee-research-and-science-education-subcommittee-technology-and-innovation-%E2%80%93-joint Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts]||No||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Quadrennial Defense Review ||2010-07-30||[http://www.usip.org/quadrennial-defense-review-independent-panel-/view-the-report The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight)||2012-02-29||[http://science.house.gov/hearing/subcommittee-investigations-and-oversight-hearing-nasa-cybersecurity-examination-agency%E2%80%99s NASA Cybersecurity: An Examination of the Agency’s Information Security]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | GAO||2010-08-02||[http://www.gao.gov/products/GAO-10-606 United States Faces Challenges in Addressing Global Cybersecurity and Governance ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No | + | | U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation)||2011-09-21||[http://science.house.gov/hearing/technology-and-innovation-subcommittee-hearing-cloud-computing The Cloud Computing Outlook]||No||U.S. Government Hearing||3.3.3.3 [[Cloud Computing]],<br>4.7 [[Public-Private Cooperation]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-09-15||[http://www.gao.gov/products/GAO-10-916 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology)||2011-12-01||[http://smallbusiness.house.gov/Calendar/EventSingle.aspx?EventID=270278 Cyber Security: Protecting Your Small Business]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-09-23||[http://www.gao.gov/products/GAO-10-772 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on the Judiciary||2011-11-16||[http://judiciary.house.gov/hearings/hear_11162011.html Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act)]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2010-10-06||[http://www.gao.gov/products/GAO-11-24 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security)||2011-11-15||[http://judiciary.house.gov/hearings/hear_11152011.html Cybersecurity: Protecting America’s New Frontier]||No||U.S. Government Hearing||4.10 [[Privacy]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | National Research Council, Committee for Advancing Software-Intensive Systems Producibility ||2010-10-20||[http://www.nap.edu/catalog.php?record_id=12979 Critical Code: Software Producibility for Defense ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet)||2011-05-25||[http://judiciary.house.gov/hearings/hear_05252011.html Cybersecurity: Problems Innovative Solutions to Challenging]||No||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]] |
| |- | | |- |
− | | GAO||2010-11-30||[http://www.gao.gov/products/GAO-11-43 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk ]||U.S. Government Report ||3.3.3 [[Communications]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. House Permenant Select Committee on Intelligence||2011-02-10||[https://intelligence.house.gov/hearing/full-committee-world-wide-threats-hearing World Wide Threats]||No||U.S. Government Hearing||3.1 [[The Threat and Skeptics]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. House Permenant Select Committee on Intelligence||2011-10-04||[https://intelligence.house.gov/hearing/cyber-threats-and-ongoing-efforts-protect-nation Cyber Threats and Ongoing Efforts to Protect the Nation]||No||U.S. Government Hearing||4.7 [[Public-Private Cooperation]],<br>4.13.2 [[Industrial|Industrial Espionage]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | GAO||2011-01-12||[http://www.gao.gov/products/GAO-11-117 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | U.S. House Permenant Select Committee on Intelligence||2011-12-01||[https://intelligence.house.gov/markup/mark-hr-xxxx-%E2%80%9Ccyber-intelligence-sharing-and-protection-act-2011%E2%80%9D Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011]||No||U.S. Government Hearing||4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. Navy ||2010-06-17||[http://www.doncio.navy.mil/PolicyView.aspx?ID=1804 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance ]||No||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. Senate Committee on Armed Services||2012-03-27||[http://armed-services.senate.gov/e_witnesslist.cfm?id=5283 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program.]||No||U.S. Government Hearing||3.2.1 [[States]],<br>4.2 [[Economics of Cybersecurity]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | GAO||2011-03-16||[http://www.gao.gov/products/GAO-11-463T Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2011-05-03||[http://www.armed-services.senate.gov/Transcripts/2011/05%20May/11-31%20-%205-3-11.pdf To receive testimony on the health and status of the defense industrial base and its science and technology-related elements]||No||U.S. Government Hearing||3.3.1.2 [[Military Networks (.mil)]],<br>4.3 [[Supply Chain Issues]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities)||2012-03-20||[http://www.armed-services.senate.gov/Transcripts/2012/03%20March/12-14%20-%203-20-12.pdf To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program]||No||U.S. Government Hearing||4.2.1 [[Risk Management and Investment]],<br>4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Banking, Housing and Urban Affairs||2011-06-21||[http://banking.senate.gov/public/index.cfm?FuseAction=Hearings.Hearing&Hearing_ID=87487cb2-4710-4c09-a1b0-a9e12cda88f1 Cybersecurity and Data Protection in the Financial Sector]||No||U.S. Government Hearing||3.3.2.2 [[Financial Institutions and Networks]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Commerce, Science and Transportation||2011-06-29||[http://commerce.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=e2c2a2ca-91d6-48a2-b5ea-b5c4104bdb97&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=b06c39af-e033-4cba-9221-de668ca1978a&MonthDisplay=6&YearDisplay=2011 Privacy and Data Security: Protecting Consumers in the Modern World]||No||U.S. Government Hearing||4.9 [[Identity Management]],<br>4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]]||No | + | | U.S. Senate Committee on Energy and Natural Resources||2011-03-15||[ Cybersecurity and Critical Electric Infrastructure (closed)]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]] |
| |- | | |- |
− | | Department of Commerce ||2011-06-14||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Energy and Natural Resources||2011-05-05||[http://www.energy.senate.gov/public/index.cfm/hearings-and-business-meetings?ID=929c1441-da25-c99d-3e27-af20c29e3b4b Cybersecurity of the Bulk-Power System and Electric Infrastructure]||No||U.S. Government Hearing||3.3.2.1 [[Electricity, Oil and Natural Gas]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | GAO||2011-07-08||[http://www.gao.gov/products/GAO-11-149 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain ]||U.S. Government Report ||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-02-17||[http://www.hsgac.senate.gov/hearings/the-homeland-security-departments-budget-submission-for-fiscal-year-2012 Homeland Security Department’s Budget Submission for Fiscal Year 2012]||No||U.S. Government Hearing|| |
| |- | | |- |
− | | Department of Defense ||2011-07-14||[http://www.defense.gov/news/d20110714cyber.pdf Department of Defense Strategy for Operating in Cyberspace ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-03-10||[http://www.hsgac.senate.gov/hearings/information-sharing-in-the-era-of-wikileaks-balancing-security-and-collaboration Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | GAO||2011-07-25||[http://www.gao.gov/products/GAO-11-75 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2011-05-23||[http://www.hsgac.senate.gov/hearings/protecting-cyberspace-assessing-the-white-house-proposal Protecting Cyberspace: Assessing the White House Proposal]||No||U.S. Government Hearing||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | GAO||2011-07-26||[http://www.gao.gov/products/GAO-11-463T Continued Attention Needed to Protect Our Nation’s Critical Infrastructure ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Homeland Security and Governmental Affairs||2012-02-16||[http://www.hsgac.senate.gov/hearings/securing-americas-future-the-cybersecurity-act-of-2012 Securing America’s Future: The Cybersecurity Act of 2012]||No||U.S. Government Hearing||3.3.2 [[Private Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | Secretary of the Air Force ||2011-07-27||[http://www.e-publishing.af.mil/shared/media/epubs/AFI51-402.pdf Legal Reviews of Weapons and Cyber Capabilities ]||U.S. Government Report ||4.12 [[Cyberwar]],<br>5.3 [[Government Organizations]],<br>5.5 [[International Law (including Laws of War)]]||No | + | | U.S. Senate Committee on Judiciary||2011-03-30||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da1697f72 Oversight of the Federal Bureau of Investigation]||No||U.S. Government Hearing||3. [[Threats and Actors]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | GAO||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||3.3.1.2 [[Military Networks (.mil)]],<br>4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Judiciary||2011-09-07||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=3d9031b47812de2592c3baeba629084b Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats]||No||U.S. Government Hearing||3.11 [[Cybercrime]],<br>4.13.2 [[Industrial|Industrial Espionage]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2011-07-29||[http://www.gao.gov/products/GAO-11-695R Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Judiciary||2012-03-13||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=8b30fa475a5089d793576cd947089793 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know]||No||U.S. Government Hearing||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | NIST ||2011-09-01||[http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909505 Cloud Computing Reference Architecture ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]]||No | + | | U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-04-12||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16a9959 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism]||No||U.S. Government Hearing||4.11 [[Cybercrime]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism)||2011-06-21||[http://www.judiciary.senate.gov/hearings/hearing.cfm?id=e655f9e2809e5476862f735da16e1bbe Cybersecurity: Evaluating the Administration’s Proposals]||No||U.S. Government Hearing||1. [[Overview]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | GAO||2011-10-03||[http://www.gao.gov/products/GAO-12-137 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No | + | | U.S. Senate Committee on Small Business and Entrepreneurship||2011-07-25||[http://www.sbc.senate.gov/public/index.cfm?p=Hearings&ContentRecord_id=6b4d51de-dd67-434b-869f-a717b315e6c2&ContentType_id=14f995b9-dfa5-407a-9d35-56cc7152a7ed&Group_id=43eb5e02-e987-4077-b9a7-1e5a9cf28964&MonthDisplay=7&YearDisplay=2011 Role of Small Business in Strengthening Cybersecurity Efforts in the United States]||No||U.S. Government Hearing||4.2.2 [[Incentives]],<br>4.7 [[public-Private Cooperation]] |
| |- | | |- |
− | | GAO||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | United States Secret Service ||2004||[[Insider_Threat_Study|Insider Threat Study ]]||Yes||U.S. Government Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 [[Usability/Human Factors]] |
| |- | | |- |
− | | GAO ||2011-10-05||[http://www.gao.gov/products/GAO-12-130T Information Security: Additional Guidance Needed to Address Cloud Computing Concerns ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research ||2011-01-13||[http://www.isi.edu/deter/news/news.php?story=20 Design of the DETER Security Testbed ]||No||Independent Report||5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | van Eeten, Michael and Bauer, Johannes M.||2009||[[Emerging_Threats_to_Internet_Security|Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications]]||Yes||Journal Article||3.3.1.1 [[Government Networks (.gov)]],<br>4.2 [[Economics of Cybersecurity]],<br>4.11 [[Cybercrime]] |
| |- | | |- |
− | | GAO||2011-10-17||[http://www.gao.gov/products/GAO-11-634 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management ]||U.S. Government Report ||5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | van Eeten, Michel J. G. ||2008||[[Economics_of_Malware|Economics of Malware ]]||Yes||Non-U.S. Government Report ||4.2 [[Economics of Cybersecurity]] |
| |- | | |- |
− | | GAO||2011-11-29||[http://www.gao.gov/products/GAO-12-8 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: ]||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>4.4 [[Usability/Human Factors]],<br>5.3 [[Government Organizations]]||No | + | | Varian, Hal ||2000||[[Managing_Online_Security_Risks|Managing Online Security Risks ]]||Yes||Article ||4.2 [[Economics of Cybersecurity]],<br>4.2.1 [[Risk Management and Investment]] |
| |- | | |- |
− | | NIST ||2011-12-01||[http://www.nist.gov/itl/cloud/upload/SP_500_293_volumeII.pdf U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | Varian, Hal ||2004||[[System_Reliability_and_Free_Riding|System Reliability and Free Riding ]]||Yes||Book ||4.2 [[Economics of Cybersecurity]] |
| |- | | |- |
− | | White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]]||No | + | | Vatis, Michael A.||2010||[http://sites.nationalacademies.org/xpedio/groups/cstbsite/documents/webpage/cstb_059441.pdf The Council of Europe Convention on Cybercrime]||No||Journal Article||4.11 [[Cybercrime]],<br>5.5 [[International Law (including Laws of War)]],<br>5.6 [[Deterrence]] |
| |- | | |- |
− | | White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | Verizon ||2010||[[2010_Data_Breach_Investigations_Report|2010 Data Breach Investigations Report ]]||Yes||Industry Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.11 [[Cybercrime]],<br>5.2 [[Private Efforts/Organizations]] |
| |- | | |- |
− | | GAO||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]]||No | + | | Watts, Sean ||2010||[[Combatant_Status_and_Computer_Network_Attack|Combatant Status and Computer Network Attack ]]||Yes||Journal Article ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]] |
| |- | | |- |
− | | General Accountability Office (GAO) ||2011-12-09||[http://www.gao.gov/products/GAO-12-92 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use ]||U.S. Government Report ||||No | + | | White House||2009||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure]||No||U.S. Government Report||1. [[Overview]],<br>4.7 [[Public-Private Cooperation]] |
| |- | | |- |
− | | Department of Energy (DOE) Inspector General ||2012-01-01||[http://energy.gov/ig/downloads/departments-management-smart-grid-investment-grant-program-oas-ra-12-04 The Department’s Management of the Smart Grid Investment Grant Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>5.3 [[Government Organizations]]||No | + | | White House||2011-04||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy]||No||U.S. Government Report||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]] |
| |- | | |- |
− | | Federal CIO Council ||2012-01-04||[http://www.gsa.gov/portal/category/102371 Federal Risk and Authorization Management Program (FedRAMP) ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | White House||2011-05||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World]||No||U.S. Government Report||1. [[Overview]] |
| |- | | |- |
− | | Department of Defense ||2012-02-16||[http://www.fas.org/sgp/othergov/dod/5200_01v1.pdf DOD Information Security Program: Overview, Classification, and Declassification ]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]]||No | + | | White House||2012-01||[http://www.whitehouse.gov/sites/default/files/national_strategy_for_global_supply_chain_security.pdf National Strategy for Global Supply Chain Security]||No||U.S. Government Report||4.3 [[Supply Chain Issues]] |
| |- | | |- |
− | | NIST ||2012-02-17||[http://www.nist.gov/nstic/2012-nstic-governance-recs.pdf Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace ]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]]||No | + | | White House||2012-02||[http://www.whitehouse.gov/sites/default/files/privacy-final.pdf Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy]||No||U.S. Government Report||4.10 [[Privacy]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | President's Commission on Critical Infrastructure Protection ||1997||[[Critical_Foundations|Critical Foundations ]]||U.S. Government Report ||3.3.2 [[Private Critical Infrastructure]],<br>3.3.3 [[Communications]],<br>5.3 [[Government Organizations]]||Yes | + | | White House ||2010-12-16||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/pcast-nitrd-report-2010.pdf Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology ]||No||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | Department of Defense ||1999||[[An_Assessment_of_International_Legal_Issues_in_Information_Operations|An Assessment of International Legal Issues in Information Operations ]]||U.S. Government Report ||3.2.1 [[States]],<br>4.12 [[Cyberwar]],<br>5.5 [[International Law (including Laws of War)]]||Yes | + | | White House ||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Department of Homeland Security ||2003||[[The_National_Strategy_for_the_Physical_Protection_of_Critical_Infrastructures_and_Key_Assets|The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes | + | | White House ||2011-04-15||[http://www.whitehouse.gov/the-press-office/2011/04/15/administration-releases-strategy-protect-online-consumers-and-support-in Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | White House ||2003||[[The_National_Strategy_to_Secure_Cyberspace|The National Strategy to Secure Cyberspace ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperations]]||Yes | + | | White House ||2011-04-15||[http://www.whitehouse.gov/sites/default/files/rss_viewer/NSTICstrategy_041511.pdf National Strategy for Trusted Identities in Cyberspace ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | National Infrastructure Advisory Council ||2004||[[Hardening_The_Internet|Hardening The Internet ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes | + | | White House ||2003||[[The_National_Strategy_to_Secure_Cyberspace|The National Strategy to Secure Cyberspace ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | National Cyber Security Summit Task Force ||2004||[[Information_Security_Governance|Information Security Governance ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[government Organizations]]||Yes | + | | White House ||2009||[[Cyberspace_Policy_Review|Cyberspace Policy Review ]]||Yes||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | United States Secret Service ||2004||[[Insider_Threat_Study|Insider Threat Study ]]||U.S. Government Report ||3.3.2.2 [[Financial Institutions and Networks]],<br>4.2.2 [[Incentives]],<br>4.4 [[Usability/Human Factor]]||Yes | + | | White House ||2010||[[The_Comprehensive_National_Cybersecurity_Initiative|The Comprehensive National Cybersecurity Initiative ]]||Yes||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Defense ||2005-||[[Strategy_for_Homeland_Defense_and_Civil_Support|Strategy for Homeland Defense and Civil Support ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes | + | | White House (Office of Science & Technology Policy) ||2010-12-06||[http://www.whitehouse.gov/blog/2010/12/06/partnership-cybersecurity-innovation Partnership for Cybersecurity Innovation ]||No||U.S. Government Report||3.3.2.2 [[Financial Institutions and Networks]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | President's Information Technology Advisory Council ||2005||[[Cyber_Security:_A_Crisis_of_Prioritization|Cyber Security: A Crisis of Prioritization ]]||U.S. Government Report ||4.2.2 [[Incentives]],<br>4.7 [[Public-Private Cooperation]],<br>5.3 [[Government Organizations]]||Yes | + | | White House/Office of Management and Budget (OMB) ||2011-12-08||[http://www.cio.gov/fedrampmemo.pdf Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Deputy Chief of Staff for Intelligence ||2006||[[Critical_Infrastructure_Threats_and_Terrorism|Critical Infrastructure Threats and Terrorism ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>4.11 [[Cybercrime]],<br>4.12 [[Cyberwar]]||Yes | + | | White House/OMB||2009-05-29||[http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure ]||No||U.S. Government Report ||4. [[Issues]],<br>5. [[Approaches]] |
| |- | | |- |
− | | National Science and Technology Council ||2006||[[Federal_Plan_for_Cyber_Security_and_Information_Assurance_Research_and_Development|Federal Plan for Cyber Security and Information Assurance Research and Development ]]||U.S. Government Report ||4.1 [[Metrics]],<br>4.7 [[Attribution]],<br>4.8 [[Public-Private Cooperation]]||Yes | + | | White House/OMB||2010-03-02||[http://www.whitehouse.gov/cybersecurity/comprehensive-national-cybersecurity-initiative Comprehensive National Cybersecurity Initiative (CNCI) ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | National Institute of Standards and Technology ||2006||[[SP_800-82:_Guide_to_Supervisory_Control_and_Data_Acquisition_(SCADA)_and_Industrial_Control_Systems_Security|SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>.2.1 [[Risk Management and Investment]],<br>5.2 [[Private Efforts/Organizations]]||Yes | + | | White House/OMB||2010-06-25||[http://www.dhs.gov/xlibrary/assets/ns_tic.pdf The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy ]||No||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>4.9 [[Identity Management]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Defense ||2007||[[Mission_Impact_of_Foreign_Influence_on_DoD_Software|Mission Impact of Foreign Influence on DoD Software ]]||U.S. Government Report ||3.2.4 [[Terrorists]],<br>3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes | + | | White House/OMB||2010-07-06||[http://www.whitehouse.gov/sites/default/files/omb/assets/memoranda_2010/m10-28.pdf Clarifying Cybersecurity Responsibilities ]||No||U.S. Government Report ||5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Homeland Security ||2009||[[A_Roadmap_for_Cybersecurity_Research|A Roadmap for Cybersecurity Research ]]||U.S. Government Report ||3.3 [[Security Targets]],<br>5.3 [[Government Organizations]]||Yes | + | | White House/OMB||2010-12-09||[http://www.cio.gov/documents/25-Point-Implementation-Plan-to-Reform-Federal%20IT.pdf 25 Point Implementation Plan to Reform Federal Information Technology Management ]||No||U.S. Government Report ||4.2 [[Economics of Cybersecurity]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | White House ||2009||[[Cyberspace_Policy_Review|Cyberspace Policy Review ]]||U.S. Government Report ||4.7 [[Public-Private Cooperation]],<br>5.2 [[Private Efforts/Organizations]],<br>5.3 [[Government Organizations]]||Yes | + | | White House/OMB||2011-02-13||[http://www.cio.gov/documents/Federal-Cloud-Computing-Strategy.pdf Federal Cloud Computing Strategy ]||No||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Networking and Information Technology Research and Development ||2009||[[National_Cyber_Leap_Year_Summit_2009,_Co-Chairs%27_Report|National Cyber Leap Year Summit 2009, Co-Chairs' Report ]]||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>4.9 [[Identity Management]],<br>5.7 [[Technology]]||Yes | + | | White House/OMB||2011-05-12||[http://www.whitehouse.gov/the-press-office/2011/05/12/fact-sheet-cybersecurity-legislative-proposal Cybersecurity Legislative Proposal (Fact Sheet) ]||No||U.S. Government Report ||4. [[Issues]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Commerce ||2010||[[Defense_Industrial_Base_Assessment|Defense Industrial Base Assessment ]]||U.S. Government Report ||3.2.5 [[Criminals and Criminal Organizations]],<br>3.3.1 [[Public Critical Infrastructure]],<br>4.7 [[Public-Private Cooperation]]||Yes | + | | White House/OMB||2011-05-16||[http://www.whitehouse.gov/sites/default/files/rss_viewer/international_strategy_for_cyberspace.pdf International Strategy for Cyberspace ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]],<br>5.4 [[International Cooperation]] |
| |- | | |- |
− | | White House ||2010||[[The_Comprehensive_National_Cybersecurity_Initiative|The Comprehensive National Cybersecurity Initiative ]]||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>3.3.2 [[Private Critical Infrastructure]],<br>5.3 [[Government Organizations]]||Yes | + | | White House/OMB||2011-09-14||[http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-33.pdf FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa ]||No||U.S. Government Report ||4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) ||2010-009||[http://www.foreignaffairs.com/articles/66552/william-j-lynn-iii/defending-a-new-domain Defending a New Domain ]||U.S. Government Report ||||No | + | | White House/OMB||2011-10-07||[http://www.whitehouse.gov/the-press-office/2011/10/07/executive-order-structural-reforms-improve-security-classified-networks- Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information ]||No||U.S. Government Report ||3.3.1 [[Public Critical Infrastructure]],<br>4.6 [[Information Sharing/Disclosure]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | Department of Defense ||2011-04||[http://www.nsci-va.org/CyberReferenceLib/2011-04-Cyber%20Ops%20Personnel.pdf Cyber Operations Personnel Report (DOD) ]||U.S. Government Report ||||No | + | | White House/OMB||2011-12-06||[http://www.whitehouse.gov/sites/default/files/microsites/ostp/fed_cybersecurity_rd_strategic_plan_2011.pdf Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program ]||No||U.S. Government Report ||5.3 [[Government Organizations]],<br>5.7 [[Technology]] |
| |- | | |- |
− | | Department of Energy, Office of Electricity Delivery & Energy Reliability ||Undated||[http://energy.gov/oe/technology-development/energy-delivery-systems-cybersecurity Cybersecurity for Energy Delivery Systems Program ]||U.S. Government Report ||3.3.2.1 [[Electricity]],<br>4.2.1 [[Risk Management and Investment]],<br>5.3 [[Government Organizations]]||No | + | | Wilshusen, Gregory C. and Powner, David A.||2009||[[Continued_Efforts_are_Needed_to_Protect_Information_Systems_from_Evolving_Threats|Continued Efforts Are Needed to Protect Information Systems from Evolving Threats]]||Yes||U.S. Government Hearing||3.3.1.1 [[Government Networks (.gov)]],<br>5.1 [[Regulation/Liability]],<br>5.3 [[Government Organizations]] |
| |- | | |- |
− | | GAO||2009-07||[http://www.gao.gov/new.items/d09546.pdf Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses]||U.S. Government Report||3.3.1.1 [[Government Networks (.gov)]],<br>5.3 [[Government Organizations]]||No | + | | Wilson, Clay||2007-03-20||[http://www.fas.org/sgp/crs/natsec/RL31787.pdf Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues]||No||U.S. Government Report||3.3 [[Security Targets]],<br>4.12 [[Cyberwar]] |
| |- | | |- |
− | | GAO||2009-09||[http://www.gao.gov/new.items/d09617.pdf Information Security: Concerted Effort Needed to Improve Federal Performance Measures]||U.S. Government Report||3.3.1 [[Public Critical Infrastructure]],<br>5.3 [[Government Organizations]]||No | + | | Zittrain, Jonathan L. ||2008||[[The_Future_of_the_Internet_and_How_To_Stop_It|The Future of the Internet and How To Stop It ]]||Yes||Book ||4.4 [[Usability/Human Factors]],<br>5.1 [[Regulation/Liability]] |
| |- | | |- |
− | | General Services Administration (GSA) ||2012-02-07||[http://www.gsa.gov/graphics/staffoffices/FedRAMP_CONOPS.pdf Concept of Operations: FedRAMP ]||U.S. Government Report ||3.3.3.3 [[Cloud Computing]],<br>5.3 [[Government Organizations]]||No | + | | Centre for Secure Information Technologies||2012||[http://www.csit.qub.ac.uk/sites/CSIT/InnovationatCSIT/Reports/Filetoupload,295595,en.pdf 2nd World Cyber security Technology Research Summit (Belfast 2012)]||No||Independent Report|| |
| |} | | |} |
Author/Agency
|
Date
|
Title
|
Wiki Entry
|
Type
|
Category
|
Aloise, Gene et al. |
2008 |
Nuclear Security |
Yes |
U.S. Government Report |
3.3 Security Targets, 3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure
|
Anderson, Ross |
2001 |
Why Information Security is Hard |
Yes |
Independent Report |
4.2.1 Risk Management and Investment, 4.2.2 Incentives, 5.1 Regulation/Liability
|
Anderson, Ross |
2006 |
The Economics of Information Security |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 5.1 Regulation/Liability, 5.7 Technology
|
Anderson, Ross J. |
2008 |
Security Engineering |
Yes |
Book |
3.2 Security Targets, 4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
|
Anderson, Ross, et. al |
2008 |
Security Economics and the Internal Market |
Yes |
Article |
4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.6 Deterrence
|
Arora et al. |
2006 |
Does Information Security Attack Frequency Increase With Vulnerability Disclosure |
Yes |
Journal Article |
4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure
|
Aviram, Amitai |
2004 |
Overcoming Impediments to Information Sharing |
Yes |
Journal Article |
4.2.1 Risk Management and Investment, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
|
Barkham, Jason |
2001 |
Information Warfare and International Law on the Use of Force |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Bauer, Johannes M. and van Eeten, Michel J. G. |
2009 |
Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 4.2.2 Incentives
|
Beard, Jack M. |
2009 |
Law and War in the Virtual Era |
Yes |
Journal Article |
4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Bellovin, Steven M. |
2009 |
The Government and Cybersecurity |
Yes |
Journal Article |
3.2 Actors and Incentives, 4.7Public-Private Cooperation
|
Besunder, Allison A. |
2009 |
Best Practices for Data Protection and Privacy |
Yes |
Book |
4.6 Information Sharing/Disclosure, 4.10 Privacy, 5.1 Regulation/Liability
|
Boebert, W. Earl |
2010 |
A Survey of Challenges in Attribution |
No |
Journal Article |
4.8 Attribution, 5.3 Government Organizations, 5.7 Technology
|
Bohme, Rainer |
2005 |
Cyber-Insurance Revisited |
Yes |
Independent Report |
4.2.2 Incentives, 4.2.3 Insurance, ,4.2.5 Market Failure
|
Bohme, Rainer |
2006 |
Models and Measures for Correlation in Cyber-Insurance |
Yes |
Independent Report |
4.2.3 Insurance, 5.2 Private Efforts/Organizations
|
Bohme, Rainer |
2010 |
Modeling Cyber-Insurance |
Yes |
Independent Report |
4.2.2 Incentives, 4.2.3 Insurance, ,5.2 Private Efforts/Organizations
|
Booz Allen Hamilton and the Economist Intelligence Unit |
2012-01-15 |
Cyber Power Index |
No |
Industry Report |
4. Issues, 4.1 Metrics, 5. Approaches
|
Bradley, Curtis A. and Goldsmith, Jack L. |
2011 |
Overview of International Law and Institutions |
Yes |
Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Brown, Davis |
2006 |
A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict |
Yes |
Journal Article |
3.3.1.2 Military Networks (.mil), 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Burstein, Aaron J. |
2008 |
Amending the ECPA to Enable a Culture of Cybersecurity Research |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
|
Business Roundtable |
2011-10-11 |
Mission Critical: A Public-Private Strategy for Effective Cybersecurity |
No |
Independent Report |
|
Business Software Alliance |
2012-02-02 |
Global Cloud Computing Scorecard a Blueprint for Economic Opportunity |
No |
Industry Report |
3.3.3.3 Cloud Computing
|
Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America |
2011-03-08 |
Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper |
No |
Industry Report |
4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5. Approaches
|
Cabinet Office (United Kingdom) |
2011-11-11 |
The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world |
No |
Non-U.S. Government Report |
3. Threats and Actors, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Camp, L. Jean |
2004 |
Economics of Information Security |
Yes |
Book |
4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
|
Camp, L. Jean |
2004 |
Pricing Security |
Yes |
Book |
4.2.1 Risk Management and Investment, 4.2.2 Incentives
|
Center for a New American Security |
2012-06-11 |
America’s Cyber Future: Security and Prosperity in the Information Age |
No |
Independent Report |
1. Overview, 4. Issues, 5. Approaches
|
Center for Strategic and International Studies |
2008 |
Securing Cyberspace for the 44th Presidency |
Yes |
Independent Report |
4.7 Public-Private Cooperation, 5.1 Regulation/Liability, 5.4 International Cooperation
|
Centre for Secure Information Technologies |
2011 |
World Cybersecurity Technology Research Summit (Belfast 2011) |
No |
Independent Report |
|
Cetron, Marvin J. and Davies, Owen |
2009 |
World War 3.0: Ten Critical Trends for Cybersecurity |
Yes |
Journal Article |
3.2 Actors and Incentives, 3.3.1 Public Critical Infrastructure, 4.12 Cyberwar
|
Clark, David and Landau, Susan |
2010 |
Untangling Attribution |
No |
Journal Article |
4.8 Attribution, 5.6 Deterrence, 5.7 Technology
|
Clarke, Richard A. |
2010 |
Cyber War |
Yes |
Book |
3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar
|
Clinton, Larry |
Undated |
Cyber-Insurance Metrics and Impact on Cyber-Security |
Yes |
Independent Report |
4.2.3 Insurance, 5.2 Private Efforts/Organizations
|
Cloud Security Alliance |
2009-12 |
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 |
No |
Independent Report |
3.3.3.3 Cloud Computing, 4. Issues, 5.2 Private Efforts/Organizations
|
Cohen, Geoff |
2010 |
Targeting Third Party Collaboration |
No |
Journal Article |
3.1 The Threat and Skeptics, 4.7 Public-Private Cooperation, 4.11 Cybercrime
|
Computer Economics, Inc. |
2007 |
2007 Malware Report |
Yes |
Industry Report |
4.2 Economics of Cybersecurity
|
Computing Research Association |
2003- |
Four Grand Challenges in Trustworthy Computing |
Yes |
Independent Report |
4.4 Usability/Human Factors, 4.6 Information Sharing/Disclosure, 4.9 Identity Management
|
Cornish, Paul |
2009 |
Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks |
Yes |
Non-U.S. Government Report |
3.2 Actors and Incentives, 5.4 International Cooperation
|
Cornish, Paul et al. |
2009 |
Cyberspace and the National Security of the United Kingdom - Threats and Responses |
Yes |
Independent Report |
3. Threats and Actors, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Council on Foreign Relations |
2010-07-15 |
Untangling Attribution: Moving to Accountability in Cyberspace [Testimony] |
No |
Independent Report |
3.2 Actors and Incentives, 4.8 Attribution, 5. Approaches
|
CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies |
2011-01 |
Cybersecurity Two Years Later |
No |
Independent Report |
3. Threats and Actors, 5. Approaches, 5.3 Government Organizations
|
Cyber Security Forum Initiative |
2011-05-09 |
Cyber Dawn: Libya |
No |
Industry Report |
3. Threats and Actors, 4. Issues, 5. Approaches
|
Department of Commerce |
2011-06-14 |
Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
Department of Commerce |
2010 |
Defense Industrial Base Assessment |
Yes |
U.S. Government Report |
3.2.5 Criminals and Criminal Organizations, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
|
Department of Commerce, Internet Policy Task Force |
2011-06 |
Cybersecurity, Innovation and the Internet Economy |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity, 4.7 Public-Private Cooperation
|
Department of Defense |
2011-07-14 |
Department of Defense Strategy for Operating in Cyberspace |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
|
Department of Defense |
2011-11-15 |
Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 |
No |
U.S. Government Report |
4.12 Cyberwar, 5.3 Government Organizations, 5.7 Technology
|
Department of Defense |
2012-02-16 |
DOD Information Security Program: Overview, Classification, and Declassification |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
Department of Defense |
2012-04-11 |
Cyber Operations Personnel Report (DoD) |
No |
U.S. Government Report |
|
Department of Defense |
1999 |
An Assessment of International Legal Issues in Information Operations |
Yes |
U.S. Government Report |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Department of Defense |
2005- |
Strategy for Homeland Defense and Civil Support |
Yes |
U.S. Government Report |
3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
Department of Defense |
2007 |
Mission Impact of Foreign Influence on DoD Software |
Yes |
U.S. Government Report |
3.2.4 Terrorists, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
Department of Defense |
2011-04 |
Cyber Operations Personnel Report (DOD) |
No |
U.S. Government Report |
|
Department of Energy |
2012-04 |
The Department's Management of the Smart Grid Investment Grant Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment
|
Department of Energy (DOE) Inspector General |
2012-01-01 |
The Department’s Management of the Smart Grid Investment Grant Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 5.3 Government Organizations
|
Department of Energy, Idaho National Laboratory |
2010-05-01 |
NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses |
No |
U.S. Government Report |
3.3.2 Private Critical Infrastructure, 5.7 Technology
|
Department of Energy, Office of Electricity Delivery & Energy Reliability |
Undated |
Cybersecurity for Energy Delivery Systems Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment, 5.3 Government Organizations
|
Department of Homeland Security |
2009-09-16 |
National Cyber Leap Year Summit 2009: Co-Chairs' Report |
No |
U.S. Government Report |
3.3 Security Targets, 4.2 Economics of Cybersecurity, 4.8 Attribution
|
Department of Homeland Security |
2007-06 |
Challenges Remain in Securing the Nation’s Cyber Infrastructure |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Department of Homeland Security |
2009-11 |
A Roadmap for Cybersecurity Research |
No |
U.S. Government Report |
1. Overview, 4.2.1 Risk Management and Investment
|
Department of Homeland Security |
2010-08 |
DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 5.3 Government Organizations
|
Department of Homeland Security |
2010-09 |
National Cyber Incident Response Plan |
No |
U.S. Government Report |
3. Threats and Actors, 5.3 Government Organizations
|
Department of Homeland Security |
2011-11 |
Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise |
No |
U.S. Government Report |
3.3 Security Targets, 5.3 Government Organizations
|
Department of Homeland Security |
2003 |
The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations
|
Department of Homeland Security |
2009 |
A Roadmap for Cybersecurity Research |
Yes |
U.S. Government Report |
3.3 Security Targets, 5.3 Government Organizations
|
Department of Justice |
2011-04 |
The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 4.11 Cybercrime, 5.3 Government Organizations
|
Deputy Chief of Staff for Intelligence |
2006 |
Critical Infrastructure Threats and Terrorism |
Yes |
U.S. Government Report |
3.3 Security Targets, 4.11 Cybercrime, 4.12 Cyberwar
|
Dörmann, Knut |
2004 |
Applicability of the Additional Protocols to Computer Network Attacks |
Yes |
Independent Report |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Douglas Maughan |
2010 |
The Need for a National Cybersecurity Research and Development Agenda |
Yes |
Article |
4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Dunlap Charles J, Jr |
2011 |
Perspectives for Cyber Strategists on Law for Cyberwar |
Yes |
Journal Article |
4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)
|
Dunlap, Charles J. Jr. |
2009 |
Towards a Cyberspace Legal Regime in the Twenty-First Century |
Yes |
Article |
4.5 Psychology and Politics, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
EastWest Institute |
2011-02-03 |
Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace |
No |
Independent Report |
3.2.1 States, 5.4 International Cooperation, 5.5 International Law (including Laws of War)
|
Energetics Inc. |
2006 |
Roadmap to Secure Control Systems in the Energy Sector |
Yes |
Independent Report |
3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
|
Energy Sector Control Systems Working Group |
2011-09 |
Roadmap to Achieve Energy Delivery Systems Cybersecurity |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation
|
ENISA |
2010 |
Introduction to Country Reports |
Yes |
Non-U.S. Government Report |
3.2.1 States, 5.3 Government Organizations, 5.4 International Cooperation
|
Epstein, Richard A. |
2008 |
Cybersecurity in the Payment Card Industry |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime, 5.1 Regulation/Liability
|
European Network and Information Security Agency |
2010-10-07 |
Stuxnet Analysis |
No |
Non-U.S. Government Report |
3. Threats and Actors, 5.7 Technology
|
European Network and Information Security Agency (ENISA) |
2011-04-11 |
Resilience of the Internet Interconnection Ecosystem, at: |
No |
Non-U.S. Government Report |
3. Threats and Actors, 4. Issues, 5. Approaches
|
Federal CIO Council |
2012-01-04 |
Federal Risk and Authorization Management Program (FedRAMP) |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
Federal Communications Commission (FCC) |
2010-04-21 |
Explore the reliability and resiliency of commercial broadband communications networks |
No |
U.S. Government Report |
3.3.3 Communications, 5.1 Regulation/Liability, 5.3 Government Organizations
|
Federal Communications Commission (FCC) |
2011-06-03 |
FCC's Plan for Ensuring the Security of Telecommunications Networks |
No |
U.S. Government Report |
|
Financial Services Sector Coordinating Council for Critical Infrastructure Protection |
2008 |
Research Agenda for the Banking and Finance Sector |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks, 4.1 Metrics, 4.2.1 Risk Management and Investment
|
Fischer, Eric A. CRS |
2012-04-23 |
Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions |
No |
U.S. Government Report |
3.3 Security Targets, 5.1 Regulation/Liability
|
Franklin, Jason, et. al |
2007 |
An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants |
Yes |
Independent Report |
3.2.5 Criminals and Criminal Organizations, 4.2 Economics of Cybersecurity, 4.11 Cybercrime
|
Gandal, Neil |
2008 |
An Introduction to Key Themes in the Economics of Cyber Security |
Yes |
Book |
4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.7 Technology
|
GAO |
2003-08-27 |
Efforts to Improve Information sharing Need to Be Strengthened |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
GAO |
2004-05-28 |
Technology Assessment: Cybersecurity for Critical Infrastructure Protection |
No |
U.S. Government Report |
3.3 Security Targets, 4.7 Public-Private Cooperation, 5.7 Technology
|
GAO |
2008-07-31 |
Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability |
No |
U.S. Government Report |
5.3 Government Organizations
|
GAO |
2009-09-24 |
Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2009-11-17 |
Continued Efforts Are Needed to Protect Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.2 Actors and Incentives, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-03-05 |
Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-03-16 |
Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-03-24 |
Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-04-12 |
Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
|
GAO |
2010-06-03 |
Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.3 Government Organizations
|
GAO |
2010-06-16 |
Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-07-01 |
Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
GAO |
2010-07-15 |
Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
GAO |
2010-08-02 |
United States Faces Challenges in Addressing Global Cybersecurity and Governance |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperation
|
GAO |
2010-09-15 |
Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010-09-23 |
DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened |
No |
U.S. Government Report |
3.3 Security Targets, 5.3 Government Organizations
|
GAO |
2010-10-06 |
Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed |
No |
U.S. Government Report |
5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2010-11-30 |
Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk |
No |
U.S. Government Report |
3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology
|
GAO |
2011-01-12 |
Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2011-03-16 |
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems |
No |
U.S. Government Report |
3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2011-07-08 |
Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology
|
GAO |
2011-07-25 |
Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
|
GAO |
2011-07-26 |
Continued Attention Needed to Protect Our Nation’s Critical Infrastructure |
No |
U.S. Government Report |
3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2011-07-29 |
Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity, 5.3 Government Organizations
|
GAO |
2011-10-03 |
Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations
|
GAO |
2011-10-05 |
Information Security: Additional Guidance Needed to Address Cloud Computing Concerns |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
GAO |
2011-10-17 |
Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management |
No |
U.S. Government Report |
5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2011-11-29 |
Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 5.3 Government Organizations
|
GAO |
2011-12-09 |
Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use |
No |
U.S. Government Report |
3.3 Security Targets, 5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2012-01-13 |
Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 4.7 Public-Private Cooperation
|
GAO |
2012-02-28 |
Cybersecurity: Challenges to Securing the Modernized Electricity Grid |
No |
Non-U.S. Government Report |
|
GAO |
2009 |
Critical Infrastructure Protection - Current Cyber Sector-Specific Planning Approach Needs Reassessment |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.1 Regulation/Liability, 5.3 Government Organizations
|
GAO |
2009-07 |
Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 5.3 Government Organizations
|
GAO |
2009-09 |
Information Security: Concerted Effort Needed to Improve Federal Performance Measures |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
GAO |
2010 |
Information Security - Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies |
Yes |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
GAO |
2011-10-05 |
Information Security: Additional Guidance Needed to Address Cloud Computing Concerns |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
Geer, Daniel E. and Conway, Daniel G. |
2010 |
Nothing Ventured, Nothing Gained |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 4.2.2 Incentives
|
Gellman, Robert |
2010 |
Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks |
No |
Journal Article |
4.8 Attribution, 4.10 Privacy, 5.1 Regulation/Liability
|
General Accountability Office (GAO) |
2010-07-15 |
Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed |
No |
U.S. Government Report |
3.3 Security Targets, 4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation
|
General Accountability Office (GAO) |
2011-01-12 |
Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
|
General Accountability Office (GAO) |
2011-03-16 |
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems |
No |
U.S. Government Report |
3. Threats and Actors, 3.3.1 Public Critical Infrastructure, 5.3 Government Organizations
|
General Accountability Office (GAO) |
2011-07-29 |
Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity, 5.3 Government Organizations
|
General Accountability Office (GAO) |
2011-11-29 |
Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 4.4 Usability/Human Factors, 5.3 Government Organizations
|
General Accountability Office (GAO) |
2011-12-09 |
Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use |
No |
U.S. Government Report |
|
General Services Administration (GSA) |
2012-02-07 |
Concept of Operations: FedRAMP |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
Grady, Mark F. |
2006 |
The Law and Economics of Cybersecurity |
Yes |
Book |
4.2 Economics of Cybersecurity, 5.1 Regulation/Liability
|
Graham David E |
2010 |
Cyber Threats and the Law of War |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Granick, Jennifer Stisa |
2005 |
The Price of Restricting Vulnerability Publications |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Hollis, Duncan B. |
2007 |
Why States Need an International Law for Information Operations |
Yes |
Journal Article |
4.12 Cyberwar, 4.13.1 Government to Government Espionage, 5.5 International Law (including Laws of War)
|
HP TippingPoint DVLabs |
2010 |
2010 Top Cyber Security Risks Report |
Yes |
Industry report |
4.11 Cybercrime, 5.7 Technology
|
IEEE/EastWest Institute |
2010-05-26 |
The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) |
No |
Independent Report |
3.3.3 Communications, 4.7 Public-Private Cooperation, 5.4 International Cooperation
|
Institute for Information Infrastructure Protection |
2003 |
Cyber Security Research and Development Agenda |
Yes |
Independent Report |
4.1 Metrics, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
|
Institute for Science and International Security |
2010-12-22 |
Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment |
No |
Independent Report |
3. Threats and Actors, 3.3 Security Targets, 5.7 Technology
|
International Instrument Users Association (WIB) |
2010-11-10 |
WIB Security Standard Released |
No |
Industry Report |
3.3 Security Targets, 5.4 International Cooperation
|
International Telecommunications Union |
2012-02-10 |
ITU Toolkit for Cybercrime Legislation |
No |
Independent Report |
|
James Clapper, Director of National Intelligence |
2011-02-10 |
Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) |
No |
U.S. Government Report |
3.1 The Threat and Skeptics, 3.2 Actors and Incentives
|
Johnson, Eric M. |
2008 |
Managing Information Risk and the Economics of Security |
Yes |
Book |
4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
|
Johnson, Vincent R. |
2005 |
Cybersecurity, Identity Theft, and the Limits of Tort Liability |
Yes |
Journal Article |
4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability
|
Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum |
2009-09-15 |
National Security Threats in Cyberspace |
No |
Independent Report |
|
Joseph S. Nye |
2010 |
Cyber Power |
Yes |
Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Journal of Strategic Studies |
2011-10-05 |
Cyber War Will Not Take Place |
No |
Journal Article |
|
Kelly A. Gable |
2010 |
Cyber-Apocalypse Now - Securing the Internet Against Cyberterrorism and Using Universal Jurisdiction as a Deterrent |
Yes |
Journal Article |
3.2.4 Terrorists, 3.3 Security Targets, 5.5 International Law (including Laws of War)
|
Kerr, Paul K. et al. CRS |
2010-12-09 |
The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability |
No |
U.S. Government Report |
3.3 Security Targets, 4.12 Cyberwar, 5.4 International Law (including Laws of War)
|
Kesan, Jay P. and Hayes, Carol M. |
2010 |
Thinking Through Active Defense in Cyberspace |
No |
Journal Article |
4.2 Economics of Cybersecurity, 5.3 Government Organizations, 5.7 Technology
|
Kobayashi, Bruce H. |
2005 |
An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and other Public Security Goods |
Yes |
Journal Article |
4.2.1 Risk Management and Investment, 4.2.2 Incentives, 4.7 Public-Private Cooperation
|
Kobayashi, Bruce H. |
2006 |
An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.2.2 Incentives, 5.6 Deterrence
|
Korns, Stephen W. |
2009 |
Cyber Operations |
Yes |
Journal Article |
4.8 Attribution, 4.12 Cyberwar, 5.6 Deterrence
|
Kramer, Franklin D., et. al |
2009 |
Cyberpower and National Security |
Yes |
Book |
1. Overview
|
Kundra, Vivek |
2010-12-09 |
25 Point Implementation Plan to Reform Federal Information Technology Management |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
Kundra, Vivek |
2011-02-08 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov), 3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
Lan, Tang et al. |
2010 |
Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway |
Yes |
Independent Report |
3.2.1 States, 4.12 Cyberwar, 5.6 Deterrence
|
Lernard, Thomas M. |
2005 |
An Economic Analysis of Notification Requirements for Data Security Breaches |
Yes |
Independent Report |
4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Lernard, Thomas M. |
2006 |
Much Ado About Notification |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Lewis, James Andrews |
2005 |
Aux armes, citoyens: Cyber Security and Regulation in the United States |
Yes |
Journal Article |
3.3.1 [[Public Critical Infrastructure, 3.3.2.2 Financial Institutions and Networks, 3.3.2.3 Transportation
|
Libicki, Martin |
2010 |
Pulling Punches in Cyberspace |
No |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Lin, Herbert |
2012 |
Cyber Conflict and National Security |
No |
Article |
|
Lukasik, Stephen J. |
2010 |
A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declatory Policies for these Domain |
No |
Journal Article |
3.2 Actors and Incentives, 5.4 International Cooperation, 5.6 Deterrence
|
Massachusetts Institute of Technology (MIT) |
2011-12-05 |
The Future of the Electric Grid |
No |
Independent Report |
3.3.2.1 Electricity, Oil and Natural Gas, 4. Issues, 5.1 Regulation/Liability
|
McAfee |
2011-08-02 |
Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years |
No |
Industry Report |
3.2.1 States, 3.3 Security Targets, 4.13 Espionage
|
McAfee |
2012-02-01 |
Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World |
No |
Industry Report |
3. Threats and Actors, 4. Issues, 5. Approaches
|
McAfee and Center for Strategic and International Studies (CSIS) |
2011-04-21 |
In the Dark: Crucial Industries Confront Cyberattacks |
No |
Industry Report |
3. Threats and Actors, 3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation
|
McAfee and the Security Defense Agenda |
2012-02-12 |
Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World |
No |
Industry Report |
1. Overview, 4. Issues, 5. Approaches
|
McAfee, Inc. |
2010 |
McAfee Threats Report |
Yes |
Industry Report |
3.2.3 Hacktivists, 3.2.5 Criminals and Criminal Organizations, 4.11 Cybercrime
|
McDermott, Rose |
2010 |
Decision Making Under Uncertainty |
No |
Journal Article |
4.4 Usability/Human Factors, 4.5 Psychology and Politics, 4.8 Attribution
|
Microsoft |
2010-11 |
Information Security Management System for Microsoft Cloud Infrastructure |
No |
Industry Report |
3.3.3.3 Cloud Computing, 5.2 Private Efforts/Organizations
|
Mitre Corp (JASON Program Office) |
2010-11 |
Science of Cyber-Security |
No |
Independent Report |
1. Overview, 4. Issues
|
Moore, Tyler |
2010 |
Introducing the Economics of Cybersecurity: Principles and Policy Options |
No |
Journal Article |
4.2 Economics of Cybersecurity, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
Moore, Tyler |
2007 |
Examining the Impact of Website Take-down on Phishing |
Yes |
Independent Report |
4.2 Economics of Cybersecurity, 4.11 Cybercrime, 5.7 Technology
|
Moore, Tyler |
2008 |
The Consequence of Non-Cooperation in the Fight Against Phishing |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure
|
Moore, Tyler |
2009 |
The Impact of Incentives on Notice and Take-down |
Yes |
Book |
4.2.2 Incentives, 4.11 Cybercrime, 5.4 International Cooperation
|
Moore, Tyler, et. al |
2009 |
The Economics of Online Crime |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations, 3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity
|
Morgan, Patrick M. |
2010 |
Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm |
No |
Journal Article |
4.12 Cyberwar, 5.4 International Cooperation, 5.6 Deterrence
|
National Association of Secretaries of State |
2012-01-12 |
Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices |
No |
Independent Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
National Cyber Defense Initiative |
2009 |
National Cyber Defense Financial Services Workshop Report |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks, 4.2.1 Risk Management and Investment, 5.3 Government Organizations
|
National Cyber Security Alliance and Microsoft |
2011-05-13 |
2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey |
No |
Industry Report |
4.4 Usability/Human Factors
|
National Cyber Security Summit Task Force |
2004 |
Information Security Governance |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 government Organizations
|
National Infrastructure Advisory Council |
2004 |
Hardening The Internet |
Yes |
U.S. Government Report |
3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
National Initiative for Cybersecurity Education |
2011-08-11 |
National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation |
No |
U.S. Government Report |
1. Overview, 5.3 Government Organizations
|
National Initiative for Cybersecurity Education (NICE) |
2011-11-21 |
NICE Cybersecurity Workforce Framework |
No |
U.S. Government Report |
4.4 Usability/Human Factors, 5.3 Government Organizations
|
National Institute of Standards and Technology |
2006 |
SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, .2.1 Risk Management and Investment, 5.2 Private Efforts/Organizations
|
National Institute of Standards and Technology (NIST) |
2010-09-02 |
NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 5.1 Regulation/Liability, 5.3 Government Organizations
|
National Research Council |
2009 |
Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities |
No |
Independent Report |
|
National Research Council |
2010-09-21 |
Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop |
No |
Independent Report |
4.2 Economics of Cybersecurity, 4.4 Usability/Human Factors, 4.10 Privacy
|
National Research Council |
2010-10-05 |
Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy |
No |
Independent Report |
3. Threats and Actors, 4. Issues, 5. Approaches
|
National Research Council |
1999 |
Trust in Cyberspace |
Yes |
Independent Report |
3.3.3.2 Public Data Networks, 4.2.2 Incentives, 4.7 Public-Private Cooperation
|
National Research Council |
2007 |
Toward a Safer and More Secure Cyberspace |
Yes |
Independent Report |
1. Overview, 4.8 Attribution, 5.6 Deterrence
|
National Research Council, Committee for Advancing Software-Intensive Systems Producibility |
2010-10-20 |
Critical Code: Software Producibility for Defense |
No |
Independent Reprot |
3.3.1.2 Military Networks (.mil), 5.3 Government Organizations, 5.7 Technology
|
National Science and Technology Council |
2006 |
Federal Plan for Cyber Security and Information Assurance Research and Development |
Yes |
U.S. Government Report |
4.1 Metrics, 4.7 Attribution, 4.8 Public-Private Cooperation
|
National Science Foundation |
2011-08-11 |
At the Forefront of Cyber Security Research |
No |
U.S. Government Report |
5.7 Technology
|
National Science Foundation |
2012-01-17 |
Information Security Risk Taking |
No |
U.S. Government Report |
4.1 Metrics, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
National Security Cyberspace Institute |
2012-07-11 |
Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies |
No |
Independent Report |
|
National Security Initiative |
2010-10-18 |
American Security Challenge |
No |
Independent Report |
|
Networking and Information Technology Research and Development |
2009 |
National Cyber Leap Year Summit 2009, Co-Chairs' Report |
Yes |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 4.9 Identity Management, 5.7 Technology
|
NIST |
2011-09-01 |
Cloud Computing Reference Architecture |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing
|
NIST |
2011-12-01 |
U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
NIST |
2012-02-17 |
Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
Nojeim, Gregory T. |
2009 |
Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace |
Yes |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure, 4.10 Privacy, 5.1 Regulation/Liability
|
North American Electric Reliability Corp. (NERC) |
2011-01-26 |
Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
NSTC |
2011-12 |
Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program |
No |
U.S. Government Report |
5.3 Government Organizations
|
Nye, Joseph |
2010 |
Cyber Power |
Yes |
Book |
4.12 Cyberwar, 4.13 Espionage, 5.5 International Law (including Laws of War)
|
OECD |
2009 |
Cybersecurity and Economic Incentives |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity, 4.2.2 Incentives
|
OECD |
2009 |
The Market Consequences of Cybersecurity |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity, 4.2.2 Incentives
|
Office of the National Counterintelligence Executive |
2011-11-03 |
Foreign Spies Stealing US Economic Secrets in Cyberspace |
No |
U.S. Government Report |
3. Threats and Actors, 3.2 Actors and Incentives, 4.13 Espionage
|
Organisation for Economic Co-operation and Development (OECD) |
2010-11-12 |
The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data |
No |
Independent Report |
3. Threats and Actors, 5.7 Technology
|
Organization for Economic Co-operation and Development (OECD) |
2012-01-10 |
ICT Applications for the Smart Grid: Opportunities and Policy Implications |
No |
Independent Report |
|
PCAST |
2010-12 |
Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology |
No |
U.S. Government Report |
4.3 Supply Chain Issues, 4.10 Privacy, 5.3 Government Organizations
|
PCAST |
2011-06 |
Report to the President on Ensuring American Leadership in Advanced Manufacturing |
No |
U.S. Government Report |
4.2.1 Risk Management and Investment, 5.3 Government Organizations
|
Perkins, Earl |
2009 |
Evolving Cybersecurity Issues in the Utility Industry |
Yes |
Independent Report |
3.3.2 Private Critical Infrastructure, 3.3.2.4 Water, Sewer, etc., 4.7 Public-Private Cooperation
|
Pew Research Center’s Internet & American Life Project |
2010-06-11 |
The future of cloud computing |
No |
Independent Report |
3.3.3.3 Cloud Computing
|
Powell, Benjamin |
2005 |
Is Cybersecurity a Public Good |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.2.5 Market Failure, 5.1 Regulation/Liability
|
President's Commission on Critical Infrastructure Protection |
1997 |
Critical Foundations |
Yes |
U.S. Government Report |
3.3.2 Private Critical Infrastructure, 3.3.3 Communications, 5.3 Government Organizations
|
President's Information Technology Advisory Council |
2005 |
Cyber Security: A Crisis of Prioritization |
Yes |
U.S. Government Report |
4.2.2 Incentives, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Project on National Security Reform (PNSR) |
2010-11 |
The Power of People: Building an Integrated National Security Professional System for the 21st Century |
No |
U.S. Government Report |
4.4 Usability/Human Factors, 5.3 Government Organizations
|
Quadrennial Defense Review |
2010-07-30 |
The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
|
RAND |
2011-12-21 |
A Cyberworm that Knows No Boundaries |
No |
Independent Report |
3. Threats and Actors, 5.3 Government Organizations, 5.7 Technology
|
Rattray, Gregory and Healey, Jason |
2010 |
Categorizing and Understanding Offensive Cyber Capabilities and Their Use |
No |
Journal Article |
3.1 The Threat and Skeptics, 3.3 Security Targets, 4.12 Cyberwar
|
Rollins, John and Wilson, Clay |
2007 |
Terrorist Capabilities for Cyberattack |
Yes |
U.S. Government Report |
3.2.4 Terrorists, 3.3 Security Targets, 4.2.2 Incentives
|
Romanosky et al. |
2008 |
Do Data Breach Disclosure Laws Reduce Identity Theft |
Yes |
Independent Report |
4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Rosenzweig, Paul |
2010 |
The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence |
No |
Journal Article |
4.3 Supply Chain Issues, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
Rotenberg et. al. |
2010 |
The Cyber War Threat Has Been Grossly Exaggerated |
Yes |
Article |
3.1 The Threat and Skeptics, 3.2.1 States, 4.12 Cyberwar
|
Rue, Rachel and Pfleeger, Shari Lawrence |
2009 |
Making the Best Use of Cybersecurity Economic Models |
Yes |
Journal Article |
4.1 Metrics, 4.2.1 Risk Management and Investment
|
Santos, Joost R., et. al |
2007 |
A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies |
Yes |
Journal Article |
3.3.2 Private Critical Infrastructure, 4.1 Metrics
|
Schmitt Michael N |
2002 |
Wired warfare: Computer network attack and jus in bello |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Schmitt Michael N |
2004 |
Direct Participation in Hostilities and 21st Century Armed Conflict |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Schmitt, Michael N. |
1999 |
Computer Network Attack and the Use of Force in International Law |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Schmitt, Michael N. |
2010 |
Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts |
No |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Schmitt, Michael N., et. al |
2004 |
Computers and War |
Yes |
Independent Report |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
Schneidewind, Norman |
2010 |
Metrics for Mitigating Cybersecurity Threats to Networks |
Yes |
Journal Article |
4.1 Metrics
|
Schneier, Bruce |
2003 |
Beyond Fear |
Yes |
Book |
3.2 Actors and Incentives, 4.5 Psychology and Politics, 5.6 Deterrence
|
Schneier, Bruce |
2008 |
Schneier on Security |
Yes |
Book |
3.2 Actors and Incentives, 4.4 Usability/Human Factors, 5.1 Regulation/Liability
|
Schwartz, Paul |
2007 |
Notification of Data Security Breaches |
Yes |
Journal Article |
4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Secretary of the Air Force |
2011-07-27 |
Legal Reviews of Weapons and Cyber Capabilities |
No |
U.S. Government Report |
4.12 Cyberwar, 5.3 Government Organizations, 5.5 International Law (including Laws of War)
|
Shackelford, Scott J. |
2010 |
Estonia Three Years Later |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar
|
Shah, Shashi K. |
2004 |
The Evolving Landscape of Maritime Cybersecurity |
Yes |
Journal Article |
3.3.1 Public Critical Infrastructure, 3.3.2.3 Transportation
|
Sklerov, Matthew J. |
2009 |
Solving the Dilemma of State Responses to Cyberattacks |
Yes |
Journal Article |
3.2.1 States, 4.8 Attribution, 5.5 International Law (including Laws of War)
|
Sofaer, Abraham; Clark, David; and Diffie, Whitfield |
2010 |
Cyber Security and International Cooperation |
No |
Journal Article |
5.1 Regulation/Liability, 5.4 International Cooperation, 5.5 International Law (including Laws of War)
|
Software and Information Industry Association (SAII) |
2011-07-26 |
Guide to Cloud Computing for Policy Makers |
No |
Independent Report |
3.3.3.3 Cloud Computing, 5.1 Regulation/Liability, 5.7 Technology
|
Stohl, Michael |
2006 |
Cyber Terrorism |
Yes |
Journal Article |
3.2.3 Hacktivists, 3.2.4 Terrorists, 4.5 Psychology and Politics
|
Stuart Madnick et al. |
2009 |
Experiences and Challenges with Using CERT Data to Analyze International Cyber Security |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure, 5.4 International Cooperation
|
Swire, Peter P. |
2004 |
A Model for When Disclosure Helps Security |
Yes |
Journal Article |
4.2.2 Incentives, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Swire, Peter P. |
2006 |
A Theory of Disclosure for Security and Competitive Reasons |
Yes |
Journal Article |
4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
Symantec |
2011-10-24 |
W32.Duqu: The Precursor to the Next Stuxnet |
No |
Industry Report |
3. Threats and Actors, 5.7 Technology
|
Symantec Corporation |
2010 |
Symantec Global Internet Security Threat Report |
Yes |
Industry Report |
3.3.2.2 Financial Institutions and Networks, 4.2 Economics of Cybersecurity, 4.11 Cybercrime
|
Telang, Rahul |
2007 |
Impact of Software Vulnerability Announcements on the Market Value of Software Vendors |
Yes |
Journal Article |
4.1 Metrics, 4.2 Economics of Cybersecurity, 4.6 Information Sharing/Disclosure
|
Theohary, Catherine A. and Rollins, John |
2010 |
Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.1 Regulation/Liability, 5.3 Government Organizations
|
Thom, Maxie |
2006 |
Information Warfare Arms Control: Risks and Costs |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5. Approaches
|
Thomas, Rob |
2006 |
The Underground Economy |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations, 3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime
|
Threat Level Blog (Wired) |
2010-12-27 |
A Four-Day Dive Into Stuxnet’s Heart |
No |
Independent Report |
3. Threats and Actors, 5.7 Technology
|
Todd, Graham H. |
2009 |
Armed Attack in Cyberspace |
Yes |
Journal Article |
3.2.1 States, 4.8 Attribution, 5.5 International Law (including Laws of War)
|
Trend Micro Incorporated |
2010 |
Trend Micro Annual Report |
Yes |
Industry Report |
4.11 Cybercrime
|
U.S. Air Force |
2010-07-15 |
Cyberspace Operations: Air Force Doctrine Document 3-12 |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 4.12 Cyberwar, 5.3 Government Organizations
|
U.S. Army War College |
2011-05-09 |
Cyber Infrastructure Protection |
No |
U.S. Government Report |
|
U.S. Army War College, Strategy Research Project |
2011-03-24 |
China’s Cyber Power and America’s National Security |
No |
U.S. Government Report |
3.2.1 States, 4.13 Espionage, 5.3 Government Organizations
|
U.S. Department of Energy, Infrastructure Security and Energy Restoration |
2007-01-01 |
21 Steps to Improve Cyber Security of SCADA Networks |
No |
U.S. Government Report |
3.3 Security Targets, 5.3 Government Organizations, 5.7 Technology
|
U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) |
2010-009 |
Defending a New Domain |
No |
U.S. Government Report |
|
U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power) |
2011-03-31 |
Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs |
No |
U.S. Government Hearing |
4.2 Economics of Cybersecurity, 5.3 Government Organizations
|
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-02-11 |
What Should the Department of Defense’s Role in Cyber Be? |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 4.12 Cyberwar, 5.3 Government Organizations
|
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-03-16 |
2012 Budget Request from U.S. Cyber Command |
No |
U.S. Government Hearing |
3.3.1.2 Military Networks (.mil), 4.2 Economics of Cybersecurity
|
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-11-03 |
Institutionalizing Irregular Warfare Capabilities |
No |
U.S. Government Hearing |
4.12 Cyberwar
|
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2012-03-20 |
Fiscal 2013 Defense Authorization: IT and Cyber Operations |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment, 5.3 Government Organizations
|
U.S. House Committee on Energy and Commerce |
2011-05-31 |
Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade) |
2011-06-02 |
Sony and Epsilon: Lessons for Data Security Legislation |
No |
U.S. Government Hearing |
4.9 Identity Management, 5.1 Regulation/Liability, 5.2 Private Efforts/Organizations
|
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing) |
2011-06-15 |
Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure, 4.10 Privacy, 5.1 Regulation/Liability
|
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) |
2012-03-07 |
Cybersecurity:Networks The Pivotal Role of Communications |
No |
U.S. Government Hearing |
3.3.3 Communications, 5.3 Government Organizations, 5.7 Technology
|
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) |
2012-03-28 |
Cybersecurity:Threats to Communications Networks and Public-Sector Responses |
No |
U.S. Government Hearing |
3.3.3 Communications, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2011-07-26 |
Cybersecurity: Infrastructure An Overview of Risks to Critical |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2012-02-28 |
Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas, 4.2.1 Risk Management and Investment
|
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2012-03-27 |
IT Supply Chain Security: Review of Government and Industry Efforts |
No |
U.S. Government Hearing |
4.3 Supply Chain Issues
|
U.S. House Committee on Financial Services (field hearing in Hoover, AL) |
2011-06-29 |
Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information |
No |
U.S. Government Hearing |
3.3.2.2 Financial Institutions and Networks, 5.1 Regulation/Liability
|
U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit) |
2011-09-14 |
Combating Cybercriminals |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov), 3.3.2.2 Financial Institutions and Networks, 5.7 Government Organizations
|
U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations) |
2011-04-15 |
Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology |
No |
U.S. Government Hearing |
3.2.1 States, 4.12 Cyberwar, 4.13 Espionage
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) |
2012-04-19 |
The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment, 5.3 Government Organizations, 5.7 Technology
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) |
2012-04-26 |
Iranian Cyber Threat to U.S. Homeland |
No |
U.S. Government Hearing |
3.2.1 States, 3.3 Security Targets, 4.12 Cyberwar
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-02-11 |
Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure, 5.1 Regulation/Liability, 5.7 Technology
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-03-16 |
Examining the Cyber Threat to Critical Infrastructure and the American Economy |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 3.3 Security Targets, 4.2 Economics of Cybersecurity
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-04-15 |
DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-06-24 |
Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov), 4.9 Identity Management, 5.3 Government Organizations
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-12-06 |
Hearing on Draft Legislative Proposal on Cybersecurity |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2012-02-01 |
Consideration and Markup of H.R. 3674 |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology) |
2011-10-06 |
Cloud Computing: What are the Security Implications? |
No |
U.S. Government Hearing |
3.3.3.3 Cloud Computing, 4.13 Espionage, 5.3 Government Organizations
|
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies) |
2011-05-26 |
Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism |
No |
U.S. Government Hearing |
4.11 Cybercrime, 5.1 Regulation/Liability, 5.7 Technology
|
U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management) |
2012-04-24 |
America is Under Cyber Attack: Why Urgent Action is Needed |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 3.2 Actors and Incentives
|
U.S. House Committee on Oversight and Government Reform |
2011-07-07 |
Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat |
No |
U.S. Government Hearing |
3.3 Security Targets, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations) |
2011-05-25 |
Cybersecurity: Assessing the Immediate Threat to the United States |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 3.3.1 Public Critical Infrastructure, 4.7 Public-Private Cooperation
|
U.S. House Committee on Science, Space and Technology |
2011-07-21 |
Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011 |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment, 5.1 Regulation/Liability, 5.7 Technology
|
U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education) |
2011-05-25 |
Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov), 5.3 Government Organizations, 5.7 Technology
|
U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight) |
2012-02-29 |
NASA Cybersecurity: An Examination of the Agency’s Information Security |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
|
U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation) |
2011-09-21 |
The Cloud Computing Outlook |
No |
U.S. Government Hearing |
3.3.3.3 Cloud Computing, 4.7 Public-Private Cooperation, 5.1 Regulation/Liability
|
U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology) |
2011-12-01 |
Cyber Security: Protecting Your Small Business |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment, 5.1 Regulation/Liability
|
U.S. House Committee on the Judiciary |
2011-11-16 |
Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act) |
No |
U.S. Government Hearing |
4.11 Cybercrime, 5.1 Regulation/Liability
|
U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security) |
2011-11-15 |
Cybersecurity: Protecting America’s New Frontier |
No |
U.S. Government Hearing |
4.10 Privacy, 4.11 Cybercrime
|
U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet) |
2011-05-25 |
Cybersecurity: Problems Innovative Solutions to Challenging |
No |
U.S. Government Hearing |
4.7 Public-Private Cooperation, 4.11 Cybercrime, 5.2 Private Efforts/Organizations
|
U.S. House Permenant Select Committee on Intelligence |
2011-02-10 |
World Wide Threats |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics, 5.1 Regulation/Liability, 5.3 Government Organizations
|
U.S. House Permenant Select Committee on Intelligence |
2011-10-04 |
Cyber Threats and Ongoing Efforts to Protect the Nation |
No |
U.S. Government Hearing |
4.7 Public-Private Cooperation, 4.13.2 Industrial Espionage, 5.4 International Cooperation
|
U.S. House Permenant Select Committee on Intelligence |
2011-12-01 |
Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011 |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
U.S. Navy |
2010-06-17 |
DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil), 5.3 Government Organizations
|
U.S. Senate Committee on Armed Services |
2012-03-27 |
To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program. |
No |
U.S. Government Hearing |
3.2.1 States, 4.2 Economics of Cybersecurity, 4.12 Cyberwar
|
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-05-03 |
To receive testimony on the health and status of the defense industrial base and its science and technology-related elements |
No |
U.S. Government Hearing |
3.3.1.2 Military Networks (.mil), 4.3 Supply Chain Issues, 5.3 Government Organizations
|
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2012-03-20 |
To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment, 4.12 Cyberwar, 5.3 Government Organizations
|
U.S. Senate Committee on Banking, Housing and Urban Affairs |
2011-06-21 |
Cybersecurity and Data Protection in the Financial Sector |
No |
U.S. Government Hearing |
3.3.2.2 Financial Institutions and Networks, 4.10 Privacy, 5.1 Regulation/Liability
|
U.S. Senate Committee on Commerce, Science and Transportation |
2011-06-29 |
Privacy and Data Security: Protecting Consumers in the Modern World |
No |
U.S. Government Hearing |
4.9 Identity Management, 4.10 Privacy, 5.1 Regulation/Liability
|
U.S. Senate Committee on Energy and Natural Resources |
2011-03-15 |
[ Cybersecurity and Critical Electric Infrastructure (closed)] |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas
|
U.S. Senate Committee on Energy and Natural Resources |
2011-05-05 |
Cybersecurity of the Bulk-Power System and Electric Infrastructure |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas, 4.7 Public-Private Cooperation
|
U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-02-17 |
Homeland Security Department’s Budget Submission for Fiscal Year 2012 |
No |
U.S. Government Hearing |
|
U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-03-10 |
Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-05-23 |
Protecting Cyberspace: Assessing the White House Proposal |
No |
U.S. Government Hearing |
3.3 Security Targets, 5.1 Regulation/Liability
|
U.S. Senate Committee on Homeland Security and Governmental Affairs |
2012-02-16 |
Securing America’s Future: The Cybersecurity Act of 2012 |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
U.S. Senate Committee on Judiciary |
2011-03-30 |
Oversight of the Federal Bureau of Investigation |
No |
U.S. Government Hearing |
3. Threats and Actors, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
U.S. Senate Committee on Judiciary |
2011-09-07 |
Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats |
No |
U.S. Government Hearing |
3.11 Cybercrime, 4.13.2 Industrial Espionage, 5.1 Regulation/Liability
|
U.S. Senate Committee on Judiciary |
2012-03-13 |
The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.1 Regulation/Liability
|
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) |
2011-04-12 |
Cyber Security: Responding to the Threat of Cyber Crime and Terrorism |
No |
U.S. Government Hearing |
4.11 Cybercrime, 5.1 Regulation/Liability
|
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) |
2011-06-21 |
Cybersecurity: Evaluating the Administration’s Proposals |
No |
U.S. Government Hearing |
1. Overview, 5.1 Regulation/Liability, 5.3 Government Organizations
|
U.S. Senate Committee on Small Business and Entrepreneurship |
2011-07-25 |
Role of Small Business in Strengthening Cybersecurity Efforts in the United States |
No |
U.S. Government Hearing |
4.2.2 Incentives, 4.7 public-Private Cooperation
|
United States Secret Service |
2004 |
Insider Threat Study |
Yes |
U.S. Government Report |
3.3.2.2 Financial Institutions and Networks, 4.2.2 Incentives, 4.4 Usability/Human Factors
|
University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research |
2011-01-13 |
Design of the DETER Security Testbed |
No |
Independent Report |
5.3 Government Organizations, 5.7 Technology
|
van Eeten, Michael and Bauer, Johannes M. |
2009 |
Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications |
Yes |
Journal Article |
3.3.1.1 Government Networks (.gov), 4.2 Economics of Cybersecurity, 4.11 Cybercrime
|
van Eeten, Michel J. G. |
2008 |
Economics of Malware |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity
|
Varian, Hal |
2000 |
Managing Online Security Risks |
Yes |
Article |
4.2 Economics of Cybersecurity, 4.2.1 Risk Management and Investment
|
Varian, Hal |
2004 |
System Reliability and Free Riding |
Yes |
Book |
4.2 Economics of Cybersecurity
|
Vatis, Michael A. |
2010 |
The Council of Europe Convention on Cybercrime |
No |
Journal Article |
4.11 Cybercrime, 5.5 International Law (including Laws of War), 5.6 Deterrence
|
Verizon |
2010 |
2010 Data Breach Investigations Report |
Yes |
Industry Report |
3.3.2.2 Financial Institutions and Networks, 4.11 Cybercrime, 5.2 Private Efforts/Organizations
|
Watts, Sean |
2010 |
Combatant Status and Computer Network Attack |
Yes |
Journal Article |
3.2.1 States, 4.12 Cyberwar, 5.5 International Law (including Laws of War)
|
White House |
2009 |
Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure |
No |
U.S. Government Report |
1. Overview, 4.7 Public-Private Cooperation
|
White House |
2011-04 |
National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management
|
White House |
2011-05 |
International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World |
No |
U.S. Government Report |
1. Overview
|
White House |
2012-01 |
National Strategy for Global Supply Chain Security |
No |
U.S. Government Report |
4.3 Supply Chain Issues
|
White House |
2012-02 |
Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy |
No |
U.S. Government Report |
4.10 Privacy, 5.1 Regulation/Liability
|
White House |
2010-12-16 |
Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 4. Issues, 5. Approaches
|
White House |
2011-02-13 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology
|
White House |
2011-04-15 |
Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
White House |
2011-04-15 |
National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
White House |
2003 |
The National Strategy to Secure Cyberspace |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.3 Government Organizations, 5.4 International Cooperation
|
White House |
2009 |
Cyberspace Policy Review |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation, 5.2 Private Efforts/Organizations, 5.3 Government Organizations
|
White House |
2010 |
The Comprehensive National Cybersecurity Initiative |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 3.3.2 Private Critical Infrastructure, 5.3 Government Organizations
|
White House (Office of Science & Technology Policy) |
2010-12-06 |
Partnership for Cybersecurity Innovation |
No |
U.S. Government Report |
3.3.2.2 Financial Institutions and Networks, 4.7 Public-Private Cooperation, 5.3 Government Organizations
|
White House/Office of Management and Budget (OMB) |
2011-12-08 |
Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations
|
White House/OMB |
2009-05-29 |
Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure |
No |
U.S. Government Report |
4. Issues, 5. Approaches
|
White House/OMB |
2010-03-02 |
Comprehensive National Cybersecurity Initiative (CNCI) |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 5.3 Government Organizations, 5.7 Technology
|
White House/OMB |
2010-06-25 |
The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy |
No |
U.S. Government Report |
4.7 Public-Private Cooperation, 4.9 Identity Management, 5.3 Government Organizations
|
White House/OMB |
2010-07-06 |
Clarifying Cybersecurity Responsibilities |
No |
U.S. Government Report |
5.3 Government Organizations
|
White House/OMB |
2010-12-09 |
25 Point Implementation Plan to Reform Federal Information Technology Management |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity, 5.3 Government Organizations, 5.7 Technology
|
White House/OMB |
2011-02-13 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing, 5.3 Government Organizations, 5.7 Technology
|
White House/OMB |
2011-05-12 |
Cybersecurity Legislative Proposal (Fact Sheet) |
No |
U.S. Government Report |
4. Issues, 5.3 Government Organizations
|
White House/OMB |
2011-05-16 |
International Strategy for Cyberspace |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 5.3 Government Organizations, 5.4 International Cooperation
|
White House/OMB |
2011-09-14 |
FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
White House/OMB |
2011-10-07 |
Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure, 4.6 Information Sharing/Disclosure, 5.3 Government Organizations
|
White House/OMB |
2011-12-06 |
Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program |
No |
U.S. Government Report |
5.3 Government Organizations, 5.7 Technology
|
Wilshusen, Gregory C. and Powner, David A. |
2009 |
Continued Efforts Are Needed to Protect Information Systems from Evolving Threats |
Yes |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov), 5.1 Regulation/Liability, 5.3 Government Organizations
|
Wilson, Clay |
2007-03-20 |
Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues |
No |
U.S. Government Report |
3.3 Security Targets, 4.12 Cyberwar
|
Zittrain, Jonathan L. |
2008 |
The Future of the Internet and How To Stop It |
Yes |
Book |
4.4 Usability/Human Factors, 5.1 Regulation/Liability
|
Centre for Secure Information Technologies |
2012 |
2nd World Cyber security Technology Research Summit (Belfast 2012) |
No |
Independent Report |
|