Template:Filtered Table

From Cybersecurity Wiki
Revision as of 14:30, 3 August 2012 by Gili (Talk | contribs)

Jump to: navigation, search
U.S. Government Report
U.S. Government Hearing
Non-U.S. Government Report
Independent Report
Industry Report
Book
Journal Article
Article
1. Overview
3. Threats and Actors
3.1 The Threat and Skeptics
3.2 Actors and Incentives
3.2.1 States
3.2.2 Groups
3.2.3 Hacktivists
3.2.4 Terrorists
3.2.5 Criminals and Criminal Organizations
3.3 Security Targets
3.3.1 Public Critical Infrastructure
3.3.1.1 Government Networks (.gov)
3.3.1.2 Military Networks (.mil)
3.3.2 Private Critical Infrastructure
3.3.2.1 Electricity, Oil and Natural Gas
3.3.2.2 Financial Institutions and Networks
3.3.2.3 Transportation
3.3.2.4 Water, Sewer, etc.
3.3.3 Communications
3.3.3.1 Telephone
3.3.3.2 Public Data Networks
3.3.3.3 Cloud Computing
4. Issues
4.1 Metrics
4.2 Economics of Cybersecurity
4.2.1 Risk Management and Investment
4.2.2 Incentives
4.2.3 Insurance
4.2.4 Behavioral Economics
4.2.5 Market Failure
4.3 Supply Chain Issues
4.4 Usability/Human Factors
4.5 Psychology and Politics
4.6 Information Sharing/Disclosure
4.7 Public-Private Cooperation
4.8 Attribution
4.9 Identity Management
4.10 Privacy
4.11 Cybercrime
4.12 Cyberwar
4.13 Espionage
4.13.1 Government to Government
4.13.2 Industrial
4.13.3 Media Perceptions
5. Approaches
5.1 Regulation/Liability
5.2 Private Efforts/Organizations
5.3 Government Organizations
5.4 International Cooperation
5.5 International Law (including Laws of War)
5.6 Deterrence
5.7 Technology
Author/Agency Date Title Wiki Entry Type Category
Schneier, Bruce 2003 Beyond Fear Yes Book 3.2 Actors and Incentives,
4.5 Psychology and Politics,
5.6 Deterrence
Camp, L. Jean 2004 Economics of Information Security Yes Book 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Camp, L. Jean 2004 Pricing Security Yes Book 4.2.1 Risk Management and Investment,
4.2.2 Incentives
Varian, Hal 2004 System Reliability and Free Riding Yes Book 4.2 Economics of Cybersecurity
Grady, Mark F. 2006 The Law and Economics of Cybersecurity Yes Book 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Gandal, Neil 2008 An Introduction to Key Themes in the Economics of Cyber Security Yes Book 4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.7 Technology
Johnson, Eric M. 2008 Managing Information Risk and the Economics of Security Yes Book 4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
Schneier, Bruce 2008 Schneier on Security Yes Book 3.2 Actors and Incentives,
4.4 Usability/Human Factors,
5.1 Regulation/Liability
Anderson, Ross J. 2008 Security Engineering Yes Book 3.2 Security Targets,
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
Zittrain, Jonathan L. 2008 The Future of the Internet and How To Stop It Yes Book 4.4 Usability/Human Factors,
5.1 Regulation/Liability
Kramer, Franklin D., et. al 2009 Cyberpower and National Security Yes Book 1. Overview
Moore, Tyler 2009 The Impact of Incentives on Notice and Take-down Yes Book 4.2.2 Incentives,
4.11 Cybercrime,
5.4 International Cooperation
Nye, Joseph 2010 Cyber Power Yes Book 4.12 Cyberwar,
4.13 Espionage,
5.5 International Law (including Laws of War)
Clarke, Richard A. 2010 Cyber War Yes Book 3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
Rotenberg et. al. 2010 The Cyber War Threat Has Been Grossly Exaggerated Yes Article 3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum 2009-09-15 National Security Threats in Cyberspace No Independent Report
IEEE/EastWest Institute 2010-05-26 The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) No Independent Report 3.3.3 Communications,
4.7 Public-Private Cooperation,
5.4 International Cooperation
Pew Research Center’s Internet & American Life Project 2010-06-11 The future of cloud computing No Independent Report 3.3.3.3 Cloud Computing
Council on Foreign Relations 2010-07-15 Untangling Attribution: Moving to Accountability in Cyberspace [Testimony] No Independent Report 3.2 Actors and Incentives,
4.8 Attribution,
5. Approaches
National Research Council 2010-09-21 Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop No Independent Report 4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
4.10 Privacy
National Research Council 2010-10-05 Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy No Independent Report 3. Threats and Actors,
4. Issues,
5. Approaches
National Security Initiative 2010-10-18 American Security Challenge No Independent Report
Organisation for Economic Co-operation and Development (OECD) 2010-11-12 The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data No Independent Report 3. Threats and Actors,
5.7 Technology
Institute for Science and International Security 2010-12-22 Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment No Independent Report 3. Threats and Actors,
3.3 Security Targets,
5.7 Technology
Threat Level Blog (Wired) 2010-12-27 A Four-Day Dive Into Stuxnet’s Heart No Independent Report 3. Threats and Actors,
5.7 Technology
University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research 2011-01-13 Design of the DETER Security Testbed No Independent Report 5.3 Government Organizations,
5.7 Technology
EastWest Institute 2011-02-03 Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace No Independent Report 3.2.1 States,
5.4 International Cooperation,
5.5 International Law (including Laws of War)
Massachusetts Institute of Technology (MIT) 2011-12-05 The Future of the Electric Grid No Independent Report 3.3.2.1 Electricity, Oil and Natural Gas,
4. Issues,
5.1 Regulation/Liability
RAND 2011-12-21 A Cyberworm that Knows No Boundaries No Independent Report 3. Threats and Actors,
5.3 Government Organizations,
5.7 Technology
National Association of Secretaries of State 2012-01-12 Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices No Independent Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
International Telecommunications Union 2012-02-10 ITU Toolkit for Cybercrime Legislation No Independent Report
Center for a New American Security 2012-06-11 America’s Cyber Future: Security and Prosperity in the Information Age No Independent Report 1. Overview,
4. Issues,
5. Approaches
National Security Cyberspace Institute 2012-07-11 Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies No Independent Report
Centre for Secure Information Technologies 2012-09-11 World Cybersecurity Technology Research Summit (Belfast 2011) No Independent Report
Business Roundtable 2012-10-11 Mission Critical: A Public-Private Strategy for Effective Cybersecurity No Independent Report
Mitre Corp (JASON Program Office) 2012-11-10 Science of Cyber-Security No Independent Report 1. Overview,
4. Issues
Cloud Security Alliance 2012-12-09 Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 No Independent Report 3.3.3.3 Cloud Computing,
4. Issues,
5.2 Private Efforts/Organizations
CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies 2011-01 Cybersecurity Two Years Later No Independent Report 3. Threats and Actors,
5. Approaches,
5.3 Government Organizations
Software and Information Industry Association (SAII) 2011-07-26 Guide to Cloud Computing for Policy Makers No Independent Report 3.3.3.3 Cloud Computing,
5.1 Regulation/Liability,
5.7 Technology
Organization for Economic Co-operation and Development (OECD) 2012-01-10 ICT Applications for the Smart Grid: Opportunities and Policy Implications No Independent Report
National Research Council 1999 Trust in Cyberspace Yes Independent Report 3.3.3.2 Public Data Networks,
4.2.2 Incentives,
4.7 Public-Private Cooperation
Anderson, Ross 2001 Why Information Security is Hard Yes Independent Report 4.2.1 Risk Management and Investment,
4.2.2 Incentives,
5.1 Regulation/Liability
Computing Research Association 2003- Four Grand Challenges in Trustworthy Computing Yes Independent Report 4.4 Usability/Human Factors,
4.6 Information Sharing/Disclosure,
4.9 Identity Management
Institute for Information Infrastructure Protection 2003 Cyber Security Research and Development Agenda Yes Independent Report 4.1 Metrics,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
Dörmann, Knut 2004 Applicability of the Additional Protocols to Computer Network Attacks Yes Independent Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Schmitt, Michael N., et. al 2004 Computers and War Yes Independent Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Lernard, Thomas M. 2005 An Economic Analysis of Notification Requirements for Data Security Breaches Yes Independent Report 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Bohme, Rainer 2005 Cyber-Insurance Revisited Yes Independent Report 4.2.2 Incentives,
4.2.3 Insurance,
,4.2.5 Market Failure
Bohme, Rainer 2006 Models and Measures for Correlation in Cyber-Insurance Yes Independent Report 4.2.3 Insurance,
5.2 Private Efforts/Organizations
Energetics Inc. 2006 Roadmap to Secure Control Systems in the Energy Sector Yes Independent Report 3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
Franklin, Jason, et. al 2007 An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants Yes Independent Report 3.2.5 Criminals and Criminal Organizations,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
Moore, Tyler 2007 Examining the Impact of Website Take-down on Phishing Yes Independent Report 4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.7 Technology
National Research Council 2007 Toward a Safer and More Secure Cyberspace Yes Independent Report 1. Overview,
4.8 Attribution,
5.6 Deterrence
Romanosky et al. 2008 Do Data Breach Disclosure Laws Reduce Identity Theft Yes Independent Report 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Financial Services Sector Coordinating Council for Critical Infrastructure Protection 2008 Research Agenda for the Banking and Finance Sector Yes Independent Report 3.3.2.2 Financial Institutions and Networks,
4.1 Metrics,
4.2.1 Risk Management and Investment
Center for Strategic and International Studies 2008 Securing Cyberspace for the 44th Presidency Yes Independent Report 4.7 Public-Private Cooperation,
5.1 Regulation/Liability,
5.4 International Cooperation
Moore, Tyler 2008 The Consequence of Non-Cooperation in the Fight Against Phishing Yes Independent Report 3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
National Cyber Defense Initiative 2009 National Cyber Defense Financial Services Workshop Report Yes Independent Report 3.3.2.2 Financial Institutions and Networks,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
Bohme, Rainer 2010 Modeling Cyber-Insurance Yes Independent Report 4.2.2 Incentives,
4.2.3 Insurance,
,5.2 Private Efforts/Organizations
Clinton, Larry Undated Cyber-Insurance Metrics and Impact on Cyber-Security Yes Independent Report 4.2.3 Insurance,
5.2 Private Efforts/Organizations
International Instrument Users Association (WIB) 2010-11-10 WIB Security Standard Released No Industry Report 3.3 Security Targets,
5.4 International Cooperation
Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America 2011-03-08 Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper No Industry Report 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5. Approaches
McAfee and Center for Strategic and International Studies (CSIS) 2011-04-21 In the Dark: Crucial Industries Confront Cyberattacks No Industry Report 3. Threats and Actors,
3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation
Cyber Security Forum Initiative 2011-05-09 Cyber Dawn: Libya No Industry Report 3. Threats and Actors,
4. Issues,
5. Approaches
National Cyber Security Alliance and Microsoft 2011-05-13 2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey No Industry Report 4.4 Usability/Human Factors
McAfee 2011-08-02 Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years No Industry Report 3.2.1 States,
3.3 Security Targets,
4.13 Espionage
Symantec 2011-10-24 W32.Duqu: The Precursor to the Next Stuxnet No Industry Report 3. Threats and Actors,
5.7 Technology
Booz Allen Hamilton and the Economist Intelligence Unit 2012-01-15 Cyber Power Index No Industry Report 4. Issues,
4.1 Metrics,
5. Approaches
McAfee 2012-02-01 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World No Industry Report 3. Threats and Actors,
4. Issues,
5. Approaches
Business Software Alliance 2012-02-02 Global Cloud Computing Scorecard a Blueprint for Economic Opportunity No Industry Report 3.3.3.3 Cloud Computing
McAfee and the Security Defense Agenda 2012-02-12 Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World No Industry Report 1. Overview,
4. Issues,
5. Approaches
Microsoft 2012-11-10 Information Security Management System for Microsoft Cloud Infrastructure No Industry Report 3.3.3.3 Cloud Computing,
5.2 Private Efforts/Organizations
Computer Economics, Inc. 2007 2007 Malware Report Yes Industry Report 4.2 Economics of Cybersecurity
Verizon 2010 2010 Data Breach Investigations Report Yes Industry Report 3.3.2.2 Financial Institutions and Networks,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
HP TippingPoint DVLabs 2010 2010 Top Cyber Security Risks Report Yes Industry report 4.11 Cybercrime,
5.7 Technology
McAfee, Inc. 2010 McAfee Threats Report Yes Industry Report 3.2.3 Hacktivists,
3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime
Symantec Corporation 2010 Symantec Global Internet Security Threat Report Yes Industry Report 3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
Trend Micro Incorporated 2010 Trend Micro Annual Report Yes Industry Report 4.11 Cybercrime
Journal of Strategic Studies 2011-10-05 Cyber War Will Not Take Place No Journal Article
Schmitt Michael N 2002 Wired warfare: Computer network attack and jus in bello Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Schmitt Michael N 2004 Direct Participation in Hostilities and 21st Century Armed Conflict Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Thom, Maxie 2006 Information Warfare Arms Control: Risks and Costs Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5. Approaches
Graham David E 2010 Cyber Threats and the Law of War Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Dunlap Charles J, Jr 2011 Perspectives for Cyber Strategists on Law for Cyberwar Yes Journal Article 4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
Schmitt, Michael N. 1999 Computer Network Attack and the Use of Force in International Law Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Barkham, Jason 2001 Information Warfare and International Law on the Use of Force Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Swire, Peter P. 2004 A Model for When Disclosure Helps Security Yes Journal Article 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Aviram, Amitai 2004 Overcoming Impediments to Information Sharing Yes Journal Article 4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
Johnson, Vincent R. 2005 Cybersecurity, Identity Theft, and the Limits of Tort Liability Yes Journal Article 4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
Powell, Benjamin 2005 Is Cybersecurity a Public Good Yes Journal Article 4.2 Economics of Cybersecurity,
4.2.5 Market Failure,
5.1 Regulation/Liability
Granick, Jennifer Stisa 2005 The Price of Restricting Vulnerability Publications Yes Journal Article 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Brown, Davis 2006 A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict Yes Journal Article 3.3.1.2 Military networks (.mil),
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Swire, Peter P. 2006 A Theory of Disclosure for Security and Competitive Reasons Yes Journal Article 4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Kobayashi, Bruce H. 2006 An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods Yes Journal Article 4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.6 Deterrence
Stohl, Michael 2006 Cyber Terrorism Yes Journal Article 3.2.3 Hacktivists,
3.2.4 Terrorists,
4.5 Psychology and Politics
Arora et al. 2006 Does Information Security Attack Frequency Increase With Vulnerability Disclosure Yes Journal Article 4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure
Lernard, Thomas M. 2006 Much Ado About Notification Yes Journal Article 4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Anderson, Ross 2006 The Economics of Information Security Yes Journal Article 4.2 Economics of Cybersecurity,
5.1 Regulation/Liability,
5.7 Technology
Thomas, Rob 2006 The Underground Economy Yes Journal Article 3.2.5 Criminals and Criminal Organizations,
3.3.2.2 Financial Institutions and Networks,
4.11 Cybercrime
Telang, Rahul 2007 Impact of Software Vulnerability Announcements on the Market Value of Software Vendors Yes Journal Article 4.1 Metrics,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
Schwartz, Paul 2007 Notification of Data Security Breaches Yes Journal Article 4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
Hollis, Duncan B. 2007 Why States Need an International Law for Information Operations Yes Journal Article 4.12 Cyberwar,
4.13.1 Government to Government Espionage,
5.5 International Law (including Laws of War)
Epstein, Richard A. 2008 Cybersecurity in the Payment Card Industry Yes Journal Article 3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime,
5.1 Regulation/Liability
Todd, Graham H. 2009 Armed Attack in Cyberspace Yes Journal Article 3.2.1 States,
4.8 Attribution,
5.5 International Law (including Laws of War)
Korns, Stephen W. 2009 Cyber Operations Yes Journal Article 4.8 Attribution,
4.12 Cyberwar,
5.6 Deterrence
Beard, Jack M. 2009 Law and War in the Virtual Era Yes Journal Article 4.12 Cyberwar,
5.5 International Law (including Laws of War)
Sklerov, Matthew J. 2009 Solving the Dilemma of State Responses to Cyberattacks Yes Journal Article 3.2.1 States,
4.8 Attribution,
5.5 International Law (including Laws of War)
Moore, Tyler, et. al 2009 The Economics of Online Crime Yes Journal Article 3.2.5 Criminals and Criminal Organizations,
3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity
Watts, Sean 2010 Combatant Status and Computer Network Attack Yes Journal Article 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Varian, Hal 2000 Managing Online Security Risks Yes Article 4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment
European Network and Information Security Agency 2010-10-07 Stuxnet Analysis No Non-U.S. Government Report 3. Threats and Actors,
5.7 Technology
European Network and Information Security Agency (ENISA) 2011-04-11 Resilience of the Internet Interconnection Ecosystem, at: No Non-U.S. Government Report 3. Threats and Actors,
4. Issues,
5. Approaches
Cabinet Office (United Kingdom) 2012-11-11 The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world No Non-U.S. Government Report 3. Threats and Actors,
4.7 Public-Private Cooperation,
5.3 Government Organizations
GAO 2012-02-28 Cybersecurity: Challenges to Securing the Modernized Electricity Grid No Non-U.S. Government Report
van Eeten, Michel J. G. 2008 Economics of Malware Yes Non-U.S. Government Report 4.2 Economics of Cybersecurity
Dunlap, Charles J. Jr. 2009 Towards a Cyberspace Legal Regime in the Twenty-First Century Yes Article 4.5 Psychology and Politics,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Anderson, Ross, et. al 2008 Security Economics and the Internal Market Yes Article 4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.6 Deterrence
U.S. House Permenant Select Committee on Intelligence 2011-02-10 World Wide Threats No U.S. Government Hearing 3.1 The Threat and Skeptics,
5.1 Regulation/Liability,
5.3 Government Organizations
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-02-11 Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities No U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
5.1 Regulation/Liability,
5.7 Technology
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-02-11 What Should the Department of Defense’s Role in Cyber Be? No U.S. Government Hearing 3.1 The Threat and Skeptics,
4.12 Cyberwar,
5.3 Government Organizations
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-02-17 Homeland Security Department’s Budget Submission for Fiscal Year 2012 No U.S. Government Hearing
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-03-10 Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration No U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
U.S. Senate Committee on Energy and Natural Resources 2011-03-15 [ Cybersecurity and Critical Electric Infrastructure (closed)] No U.S. Government Hearing 3.3.2.1 Electricity, Oil and Natural Gas
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-03-16 2012 Budget Request from U.S. Cyber Command No U.S. Government Hearing 3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-03-16 Examining the Cyber Threat to Critical Infrastructure and the American Economy No U.S. Government Hearing 3.1 The Threat and Skeptics,
3.3 Security Targets,
4.2 Economics of Cybersecurity
U.S. Senate Committee on Judiciary 2011-03-30 Oversight of the Federal Bureau of Investigation No U.S. Government Hearing 3. Threats and Actors,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power) 2011-03-31 Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs No U.S. Government Hearing 4.2 Economics of Cybersecurity,
5.3 Government Organizations
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) 2011-04-12 Cyber Security: Responding to the Threat of Cyber Crime and Terrorism No U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability
U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations) 2011-04-15 Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology No U.S. Government Hearing 3.2.1 States,
4.12 Cyberwar,
4.13 Espionage
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-04-15 DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure No U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-05-03 To receive testimony on the health and status of the defense industrial base and its science and technology-related elements No U.S. Government Hearing 3.3.1.2 Military Networks (.mil),
4.3 Supply Chain Issues,
5.3 Government Organizations
U.S. Senate Committee on Energy and Natural Resources 2011-05-05 Cybersecurity of the Bulk-Power System and Electric Infrastructure No U.S. Government Hearing 3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation
U.S. Senate Committee on Homeland Security and Governmental Affairs 2011-05-23 Protecting Cyberspace: Assessing the White House Proposal No U.S. Government Hearing 3.3 Security Targets,
5.1 Regulation/Liability
U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations) 2011-05-25 Cybersecurity: Assessing the Immediate Threat to the United States No U.S. Government Hearing 3.1 The Threat and Skeptics,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet) 2011-05-25 Cybersecurity: Problems Innovative Solutions to Challenging No U.S. Government Hearing 4.7 Public-Private Cooperation,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education) 2011-05-25 Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts No U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies) 2011-05-26 Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism No U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability,
5.7 Technology
U.S. House Committee on Energy and Commerce 2011-05-31 Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act No U.S. Government Hearing 3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade) 2011-06-02 Sony and Epsilon: Lessons for Data Security Legislation No U.S. Government Hearing 4.9 Identity Management,
5.1 Regulation/Liability,
5.2 Private Efforts/Organizations
U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing) 2011-06-15 Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach No U.S. Government Hearing 4.6 Information Sharing/Disclosure,
4.10 Privacy,
5.1 Regulation/Liability
U.S. Senate Committee on Banking, Housing and Urban Affairs 2011-06-21 Cybersecurity and Data Protection in the Financial Sector No U.S. Government Hearing 3.3.2.2 Financial Institutions and Networks,
4.10 Privacy,
5.1 Regulation/Liability
U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) 2011-06-21 Cybersecurity: Evaluating the Administration’s Proposals No U.S. Government Hearing 1. Overview,
5.1 Regulation/Liability,
5.3 Government Organizations
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-06-24 Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal No U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
4.9 Identity Management,
5.3 Government Organizations
U.S. House Committee on Financial Services (field hearing in Hoover, AL) 2011-06-29 Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information No U.S. Government Hearing 3.3.2.2 Financial Institutions and Networks,
5.1 Regulation/Liability
U.S. Senate Committee on Commerce, Science and Transportation 2011-06-29 Privacy and Data Security: Protecting Consumers in the Modern World No U.S. Government Hearing 4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
U.S. House Committee on Oversight and Government Reform 2011-07-07 Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat No U.S. Government Hearing 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
U.S. House Committee on Science, Space and Technology 2011-07-21 Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011 No U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.1 Regulation/Liability,
5.7 Technology
U.S. Senate Committee on Small Business and Entrepreneurship 2011-07-25 Role of Small Business in Strengthening Cybersecurity Efforts in the United States No U.S. Government Hearing 4.2.2 Incentives,
4.7 public-Private Cooperation
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2011-07-26 Cybersecurity: Infrastructure An Overview of Risks to Critical No U.S. Government Hearing 3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.3 Government Organizations
U.S. Senate Committee on Judiciary 2011-09-07 Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats No U.S. Government Hearing 3.11 Cybercrime,
4.13.2 Industrial Espionage,
5.1 Regulation/Liability
U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit) 2011-09-14 Combating Cybercriminals No U.S. Government Hearing 3.3.1.1 Government Networks (.gov),
3.3.2.2 Financial Institutions and Networks,
5.7 Government Organizations
U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation) 2011-09-21 The Cloud Computing Outlook No U.S. Government Hearing 3.3.3.3 Cloud Computing,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
U.S. House Permenant Select Committee on Intelligence 2011-10-04 Cyber Threats and Ongoing Efforts to Protect the Nation No U.S. Government Hearing 4.7 Public-Private Cooperation,
4.13.2 Industrial Espionage,
5.4 International Cooperation
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology) 2011-10-06 Cloud Computing: What are the Security Implications? No U.S. Government Hearing 3.3.3.3 Cloud Computing,
4.13 Espionage,
5.3 Government Organizations
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2011-11-03 Institutionalizing Irregular Warfare Capabilities No U.S. Government Hearing 4.12 Cyberwar
U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security) 2011-11-15 Cybersecurity: Protecting America’s New Frontier No U.S. Government Hearing 4.10 Privacy,
4.11 Cybercrime
U.S. House Committee on the Judiciary 2011-11-16 Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act) No U.S. Government Hearing 4.11 Cybercrime,
5.1 Regulation/Liability
U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology) 2011-12-01 Cyber Security: Protecting Your Small Business No U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
U.S. House Permenant Select Committee on Intelligence 2011-12-01 Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011 No U.S. Government Hearing 4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2011-12-06 Hearing on Draft Legislative Proposal on Cybersecurity No U.S. Government Hearing 3.1 The Threat and Skeptics,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) 2012-02-01 Consideration and Markup of H.R. 3674 No U.S. Government Hearing 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
U.S. Senate Committee on Homeland Security and Governmental Affairs 2012-02-16 Securing America’s Future: The Cybersecurity Act of 2012 No U.S. Government Hearing 3.3.2 Private Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2012-02-28 Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security No U.S. Government Hearing 3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment
U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight) 2012-02-29 NASA Cybersecurity: An Examination of the Agency’s Information Security No U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) 2012-03-07 Cybersecurity:Networks The Pivotal Role of Communications No U.S. Government Hearing 3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
U.S. Senate Committee on Judiciary 2012-03-13 The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know No U.S. Government Hearing 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2012-03-20 Fiscal 2013 Defense Authorization: IT and Cyber Operations No U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.3 Government Organizations
U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) 2012-03-20 To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program No U.S. Government Hearing 4.2.1 Risk Management and Investment,
4.12 Cyberwar,
5.3 Government Organizations
U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) 2012-03-27 IT Supply Chain Security: Review of Government and Industry Efforts No U.S. Government Hearing 4.3 Supply Chain Issues
U.S. Senate Committee on Armed Services 2012-03-27 To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program. No U.S. Government Hearing 3.2.1 States,
4.2 Economics of Cybersecurity,
4.12 Cyberwar
U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) 2012-03-28 Cybersecurity:Threats to Communications Networks and Public-Sector Responses No U.S. Government Hearing 3.3.3 Communications,
4.7 Public-Private Cooperation,
5.3 Government Organizations
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) 2012-04-19 The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development No U.S. Government Hearing 4.2.1 Risk Management and Investment,
5.3 Government Organizations,
5.7 Technology
U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management) 2012-04-24 America is Under Cyber Attack: Why Urgent Action is Needed No U.S. Government Hearing 3.1 The Threat and Skeptics,
3.2 Actors and Incentives
U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) 2012-04-26 Iranian Cyber Threat to U.S. Homeland No U.S. Government Hearing 3.2.1 States,
3.3 Security Targets,
4.12 Cyberwar
GAO 2004-05-28 Technology Assessment: Cybersecurity for Critical Infrastructure Protection No U.S. Government Report 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.7 Technology
U.S. Department of Energy, Infrastructure Security and Energy Restoration 2007-01-01 21 Steps to Improve Cyber Security of SCADA Networks No U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations,
5.7 Technology
Wilson, Clay
CRS
2007-03-20 Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues No U.S. Government Report 3.3 Security Targets,
4.12 Cyberwar
GAO 2008-07-31 Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability No U.S. Government Report 5.3 Government Organizations
Department of Homeland Security 2009-09-16 National Cyber Leap Year Summit 2009: Co-Chairs' Report No U.S. Government Report 3.3 Security Targets,
4.2 Economics of Cybersecurity,
4.8 Attribution
GAO 2009-09-24 Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
Federal Communications Commission (FCC) 2010-04-21 Explore the reliability and resiliency of commercial broadband communications networks No U.S. Government Report 3.3.3 Communications,
5.1 Regulation/Liability,
5.3 Government Organizations
Department of Energy, Idaho National Laboratory 2010-05-01 NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses No U.S. Government Report 3.3.2 Private Critical Infrastructure,
5.7 Technology
GAO 2010-06-03 Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development No U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations
General Accountability Office (GAO) 2010-07-15 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed No U.S. Government Report 3.3 Security Targets,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
National Institute of Standards and Technology (NIST) 2010-09-02 NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
White House (Office of Science & Technology Policy) 2010-12-06 Partnership for Cybersecurity Innovation No U.S. Government Report 3.3.2.2 Financial Institutions and Networks,
4.7 Public-Private Cooperation,
5.3 Government Organizations
Kundra, Vivek 2010-12-09 25 Point Implementation Plan to Reform Federal Information Technology Management No U.S. Government Report 3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
Kerr, Paul K. et al.
CRS
2010-12-09 The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability No U.S. Government Report 3.3 Security Targets,
4.12 Cyberwar,
5.4 International Law (including Laws of War)
White House 2010-12-16 Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology No U.S. Government Report 3.3.1 Public Critical Infrastructure,
4. Issues,
5. Approaches
General Accountability Office (GAO) 2011-01-12 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
North American Electric Reliability Corp. (NERC) 2011-01-26 Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
Kundra, Vivek 2011-02-08 Federal Cloud Computing Strategy No U.S. Government Report 3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
James Clapper, Director of National Intelligence 2011-02-10 Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) No U.S. Government Report 3.1 The Threat and Skeptics,
3.2 Actors and Incentives
General Accountability Office (GAO) 2011-03-16 Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems No U.S. Government Report 3. Threats and Actors,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
U.S. Army War College, Strategy Research Project 2011-03-24 China’s Cyber Power and America’s National Security No U.S. Government Report 3.2.1 States,
4.13 Espionage,
5.3 Government Organizations
U.S. Army War College 2011-05-09 Cyber Infrastructure Protection No U.S. Government Report
Federal Communications Commission (FCC) 2011-06-03 db0610/DOC-307454A1.txt FCC's Plan for Ensuring the Security of Telecommunications Networks No U.S. Government Report
National Science Foundation 2011-08-11 At the Forefront of Cyber Security Research No U.S. Government Report 5.7 Technology
National Initiative for Cybersecurity Education 2011-08-11 National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation No U.S. Government Report 1. Overview,
5.3 Government Organizations
Office of the National Counterintelligence Executive 2011-11-03 Foreign Spies Stealing US Economic Secrets in Cyberspace No U.S. Government Report 3. Threats and Actors,
3.2 Actors and Incentives,
4.13 Espionage
Department of Defense 2011-11-15 Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 No U.S. Government Report 4.12 Cyberwar,
5.3 Government Organizations,
5.7 Technology
National Initiative for Cybersecurity Education (NICE) 2011-11-21 NICE Cybersecurity Workforce Framework No U.S. Government Report 4.4 Usability/Human Factors,
5.3 Government Organizations
General Accountability Office (GAO) 2011-11-29 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination No U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
GAO 2012-01-13 Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements No U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.7 Public-Private Cooperation
National Science Foundation 2012-01-17 Information Security Risk Taking No U.S. Government Report 4.1 Metrics,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
Department of Defense 2012-04-11 Cyber Operations Personnel Report (DoD) No U.S. Government Report
Fischer, Eric A.
CRS
2012-04-23 Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions No U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability
Project on National Security Reform (PNSR) 2012-11-10 The Power of People: Building an Integrated National Security Professional System for the 21st Century No U.S. Government Report 4.4 Usability/Human Factors,
5.3 Government Organizations
Department of Homeland Security 2007-06 Challenges Remain in Securing the Nation’s Cyber Infrastructure No U.S. Government Report 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.3 Government Organizations
White House 2009 Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure No U.S. Government Report 1. Overview,
4.7 Public-Private Cooperation
Department of Homeland Security 2009-11 A Roadmap for Cybersecurity Research No U.S. Government Report 1. Overview,
4.2.1 Risk Management and Investment
Department of Homeland Security 2010-08 DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems No U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
Department of Homeland Security 2010-09 National Cyber Incident Response Plan No U.S. Government Report 3. Threats and Actors,
5.3 Government Organizations
PCAST 2010-12 Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology No U.S. Government Report 4.3 Supply Chain Issues,
4.10 Privacy,
5.3 Government Organizations
White House 2011-04 National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management
Department of Justice 2011-04 The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat No U.S. Government Report 4.6 Information Sharing/Disclosure,
4.11 Cybercrime,
5.3 Government Organizations
White House 2011-05 International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World No U.S. Government Report 1. Overview
Department of Commerce, Internet Policy Task Force 2011-06 Cybersecurity, Innovation and the Internet Economy No U.S. Government Report 4.2 Economics of Cybersecurity,
4.7 Public-Private Cooperation
PCAST 2011-06 Report to the President on Ensuring American Leadership in Advanced Manufacturing No U.S. Government Report 4.2.1 Risk Management and Investment,
5.3 Government Organizations
Energy Sector Control Systems Working Group 2011-09 Roadmap to Achieve Energy Delivery Systems Cybersecurity No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation
Department of Homeland Security 2011-11 Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise No U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
NSTC 2011-12 Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program No U.S. Government Report 5.3 Government Organizations
White House 2012-01 National Strategy for Global Supply Chain Security No U.S. Government Report 4.3 Supply Chain Issues
White House 2012-02 Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy No U.S. Government Report 4.10 Privacy,
5.1 Regulation/Liability
Department of Energy 2012-04 The Department's Management of the Smart Grid Investment Grant Program No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment
GAO 2003-08-27 Efforts to Improve Information sharing Need to Be Strengthened No U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
White House/OMB 2009-05-29 Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure No U.S. Government Report 4. Issues,
5. Approaches
GAO 2009-11-17 Continued Efforts Are Needed to Protect Information Systems from Evolving Threats No U.S. Government Report 3.2 Actors and Incentives,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
White House/OMB 2010-03-02 Comprehensive National Cybersecurity Initiative (CNCI) No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
GAO 2010-03-05 Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
GAO 2010-03-16 Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
GAO 2010-03-24 Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
GAO 2010-04-12 Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
GAO 2010-06-16 Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
U.S. Navy 2010-06-17 DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance No U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
White House/OMB 2010-06-25 The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
GAO 2010-07-01 Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
White House/OMB 2010-07-06 Clarifying Cybersecurity Responsibilities No U.S. Government Report 5.3 Government Organizations
GAO 2010-07-15 Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed No U.S. Government Report 4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.3 Government Organizations
U.S. Air Force 2010-07-15 Cyberspace Operations: Air Force Doctrine Document 3-12 No U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.12 Cyberwar,
5.3 Government Organizations
Quadrennial Defense Review 2010-07-30 The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) No U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
GAO 2010-08-02 United States Faces Challenges in Addressing Global Cybersecurity and Governance No U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperation
GAO 2010-09-15 Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
GAO 2010-09-23 DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened No U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
GAO 2010-10-06 Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed No U.S. Government Report 5.1 Regulation/Liability,
5.3 Government Organizations
National Research Council, Committee for Advancing Software-Intensive Systems Producibility 2010-10-20 Critical Code: Software Producibility for Defense No U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations,
5.7 Technology
GAO 2010-11-30 Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk No U.S. Government Report 3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
White House/OMB 2010-12-09 25 Point Implementation Plan to Reform Federal Information Technology Management No U.S. Government Report 4.2 Economics of Cybersecurity,
5.3 Government Organizations,
5.7 Technology
GAO 2011-01-12 Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
White House 2011-02-13 Federal Cloud Computing Strategy No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
White House/OMB 2011-02-13 Federal Cloud Computing Strategy No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
GAO 2011-03-16 Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems No U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
White House 2011-04-15 Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
White House 2011-04-15 National Strategy for Trusted Identities in Cyberspace No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
White House/OMB 2011-05-12 Cybersecurity Legislative Proposal (Fact Sheet) No U.S. Government Report 4. Issues,
5.3 Government Organizations
White House/OMB 2011-05-16 International Strategy for Cyberspace No U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations,
5.4 International Cooperation
Department of Commerce 2011-06-14 Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
GAO 2011-07-08 Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain No U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
Department of Defense 2011-07-14 Department of Defense Strategy for Operating in Cyberspace No U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
GAO 2011-07-25 Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities No U.S. Government Report 3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
GAO 2011-07-26 Continued Attention Needed to Protect Our Nation’s Critical Infrastructure No U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
Secretary of the Air Force 2011-07-27 Legal Reviews of Weapons and Cyber Capabilities No U.S. Government Report 4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
GAO 2011-07-29 Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates No U.S. Government Report 3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity,
5.3 Government Organizations
General Accountability Office (GAO) 2011-07-29 Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates No U.S. Government Report 4.2 Economics of Cybersecurity,
5.3 Government Organizations
NIST 2011-09-01 Cloud Computing Reference Architecture No U.S. Government Report 3.3.3.3 Cloud Computing
White House/OMB 2011-09-14 FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa No U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
GAO 2011-10-03 Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements No U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
GAO 2011-10-05 Information Security: Additional Guidance Needed to Address Cloud Computing Concerns No U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.3.3 Cloud Computing,
5.3 Government Organizations
GAO 2011-10-05 Information Security: Additional Guidance Needed to Address Cloud Computing Concerns No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
White House/OMB 2011-10-07 Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information No U.S. Government Report 3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
GAO 2011-10-17 Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management No U.S. Government Report 5.1 Regulation/Liability,
5.3 Government Organizations
GAO 2011-11-29 Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: No U.S. Government Report 4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
5.3 Government Organizations
NIST 2011-12-01 U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
White House/OMB 2011-12-06 Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program No U.S. Government Report 5.3 Government Organizations,
5.7 Technology
White House/Office of Management and Budget (OMB) 2011-12-08 Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
GAO 2011-12-09 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use No U.S. Government Report 3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
General Accountability Office (GAO) 2011-12-09 Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use No U.S. Government Report
Department of Energy (DOE) Inspector General 2012-01-01 The Department’s Management of the Smart Grid Investment Grant Program No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
5.3 Government Organizations
Federal CIO Council 2012-01-04 Federal Risk and Authorization Management Program (FedRAMP) No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations
Department of Defense 2012-02-16 DOD Information Security Program: Overview, Classification, and Declassification No U.S. Government Report 4.6 Information Sharing/Disclosure,
5.3 Government Organizations
NIST 2012-02-17 Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace No U.S. Government Report 4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
President's Commission on Critical Infrastructure Protection 1997 Critical Foundations Yes U.S. Government Report 3.3.2 Private Critical Infrastructure,
3.3.3 Communications,
5.3 Government Organizations
Department of Defense 1999 An Assessment of International Legal Issues in Information Operations Yes U.S. Government Report 3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
Department of Homeland Security 2003 The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets Yes U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
White House 2003 The National Strategy to Secure Cyberspace Yes U.S. Government Report 4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperation
National Infrastructure Advisory Council 2004 Hardening The Internet Yes U.S. Government Report 3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
National Cyber Security Summit Task Force 2004 Information Security Governance Yes U.S. Government Report 4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 government Organizations
United States Secret Service 2004 Insider Threat Study Yes U.S. Government Report 3.3.2.2 Financial Institutions and Networks,
4.2.2 Incentives,
4.4 Usability/Human Factors
Department of Defense 2005- Strategy for Homeland Defense and Civil Support Yes U.S. Government Report 3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
President's Information Technology Advisory Council 2005 Cyber Security: A Crisis of Prioritization Yes U.S. Government Report 4.2.2 Incentives,
4.7 Public-Private Cooperation,
5.3 Government Organizations
Deputy Chief of Staff for Intelligence 2006 Critical Infrastructure Threats and Terrorism Yes U.S. Government Report 3.3 Security Targets,
4.11 Cybercrime,
4.12 Cyberwar
National Science and Technology Council 2006 Federal Plan for Cyber Security and Information Assurance Research and Development Yes U.S. Government Report 4.1 Metrics,
4.7 Attribution,
4.8 Public-Private Cooperation
National Institute of Standards and Technology 2006 SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security Yes U.S. Government Report 3.3.1 Public Critical Infrastructure,
.2.1 Risk Management and Investment,
5.2 Private Efforts/Organizations
Department of Defense 2007 Mission Impact of Foreign Influence on DoD Software Yes U.S. Government Report 3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
Department of Homeland Security 2009 A Roadmap for Cybersecurity Research Yes U.S. Government Report 3.3 Security Targets,
5.3 Government Organizations
White House 2009 Cyberspace Policy Review Yes U.S. Government Report 4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 Government Organizations
Networking and Information Technology Research and Development 2009 National Cyber Leap Year Summit 2009, Co-Chairs' Report Yes U.S. Government Report 4.6 Information Sharing/Disclosure,
4.9 Identity Management,
5.7 Technology
Department of Commerce 2010 Defense Industrial Base Assessment Yes U.S. Government Report 3.2.5 Criminals and Criminal Organizations,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
White House 2010 The Comprehensive National Cybersecurity Initiative Yes U.S. Government Report 3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) 2010-009 Defending a New Domain No U.S. Government Report
Department of Defense 2011-04 Cyber Operations Personnel Report (DOD) No U.S. Government Report
Department of Energy, Office of Electricity Delivery & Energy Reliability Undated Cybersecurity for Energy Delivery Systems Program No U.S. Government Report 3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
GAO 2009-07 Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses No U.S. Government Report 3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
GAO 2009-09 Information Security: Concerted Effort Needed to Improve Federal Performance Measures No U.S. Government Report 3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
General Services Administration (GSA) 2012-02-07 Concept of Operations: FedRAMP No U.S. Government Report 3.3.3.3 Cloud Computing,
5.3 Government Organizations