|
|
| Line 1: |
Line 1: |
| − | {| class="wikitable sortable" border="1" cellpadding="1" cellspacing="0" style="border: 1px solid LightGrey;" | + | {{Filtered_Table}} |
| − | |-
| + | |
| − | ! style="background-color: #efefef;" | Author 1
| + | |
| − | ! style="background-color: #efefef;" | Author 2
| + | |
| − | ! style="background-color: #efefef;" | Year
| + | |
| − | ! style="background-color: #efefef;" | Title
| + | |
| − | ! style="background-color: #efefef;" | Source
| + | |
| − | ! style="background-color: #efefef;" | Expertise
| + | |
| − | ! style="background-color: #efefef;" class="unsortable" | Full Text
| + | |
| − | |-
| + | |
| − | |Anderson, Ross J.||||2008||[[Security Engineering]]||Book||Moderate:Technology; Moderate:Cryptography||N/A
| + | |
| − | |-
| + | |
| − | |Anderson, Ross, et. al|| ||2008||[[Security Economics and the Internal Market]]||Study||Low:Economics||[http://www.enisa.europa.eu/act/sr/reports/econ-sec/economics-sec/at_download/fullReport ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Anderson, Ross||||2001||[[Why Information Security is Hard]]||Conf. Paper||None||[http://www.acsac.org/2001/papers/110.pdf ''Pdf''] [http://www.cl.cam.ac.uk/~rja14/Papers/econ.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |Anderson, Ross||Moore, Tyler||2006||[[The Economics of Information Security]]||Journal Article||Low:Economics||[http://people.seas.harvard.edu/~tmoore/science-econ.pdf ''Pdf''] [http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.89.3331&rep=rep1&type=pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |Arora et al.||||2006||[[Does Information Security Attack Frequency Increase With Vulnerability Disclosure]]||Journal Article||Moderate:Economics||[http://www.heinz.cmu.edu/~rtelang/vuln_freq_ISF.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Aviram, Amitai||Tor, Avishalom||2004||[[Overcoming Impediments to Information Sharing]]||Law Review||Low:Economics||[http://law.haifa.ac.il/faculty/lec_papers/tor/55Ala1.L.Rev.231.pdf ''Pdf''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=435600 ''SSRN'']
| + | |
| − | |-
| + | |
| − | |Barkham, Jason||||2001||[[Information Warfare and International Law on the Use of Force]]||Law Review||Moderate:Law||[http://www1.law.nyu.edu/journals/jilp/issues/34/pdf/34_1_b.pdf ''Pdf''] [http://activeresponse.org/files/34_1_b.pdf ''Alt Pdf'']
| + | |
| − | |-
| + | |
| − | |Beard, Jack M.||||2009||[[Law and War in the Virtual Era]]||Law Review||Low:Law||[http://www.asil.org/ajil/July2009_1selectedpiece.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Bohme, Rainer||||2005||[[Cyber-Insurance Revisited]]||Conf. Paper||High:Economics||[http://infosecon.net/workshop/pdf/15.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Bohme, Rainer||Kataria, Gaurav||2006||[[Models and Measures for Correlation in Cyber-Insurance]]||Conf. Paper||High:Economics||[http://weis2006.econinfosec.org/docs/16.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Bohme, Rainer||Schwartz, Galina||2010||[[Modeling Cyber-Insurance]]||Conf. Paper||High:Economics||[http://www1.inf.tu-dresden.de/~rb21/publications/BS2010_Modeling_Cyber-Insurance_WEIS.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Brown, Davis||||2006||[[A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict]]||Law Review||Moderate:Law||[http://www.harvardilj.org/attach.php?id=59 ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Camp, L. Jean|| Lewis, Stephen||2004||[[Economics of Information Security]]||Book||High:Economics|| N/A
| + | |
| − | |-
| + | |
| − | |Camp, L. Jean||Wolfram, Catherine||2004||[[Pricing Security]]||Book Chapter||Low:Economics||[http://books.google.com/books?id=PbzP9tgeDcAC&lpg=PA17&ots=8AOrvEojH5&dq=Economics%20of%20Information%20Security&lr&pg=PA17#v=onepage&q&f=false ''Web''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=894966 ''SSRN'']
| + | |
| − | |-
| + | |
| − | |Center for Strategic and International Studies|| ||2008||[[Securing Cyberspace for the 44th Presidency]]||Independent Report||Low:Policy||[http://www.cyber.st.dhs.gov/docs/081208_securingcyberspace_44.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Clarke, Richard A.||Knake, Robert||2010||[[Cyber War]]||Book||None||N/A
| + | |
| − | |-
| + | |
| − | |Clinton, Larry||||Undated||[[Cyber-Insurance Metrics and Impact on Cyber-Security]]||Online Paper||Low:Technology; Low:Law||[http://www.whitehouse.gov/files/documents/cyber/ISA%20-%20Cyber-Insurance%20Metrics%20and%20Impact%20on%20Cyber-Security.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Computer Economics, Inc.||||2007||[[2007 Malware Report]]||Industry Report||None||[http://www.computereconomics.com/article.cfm?id=1224 ''Purchase'']
| + | |
| − | |-
| + | |
| − | |Computing Research Association||||2003||[[Four Grand Challenges in Trustworthy Computing]]||Independent Report||None||[http://www.cyber.st.dhs.gov/docs/CRA%20Grand%20Challenges%202003.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Commerce||||2010||[[Defense Industrial Base Assessment]]||Government Report||None||[http://www.bis.doc.gov/defenseindustrialbaseprograms/osies/defmarketresearchrpts/final_counterfeit_electronics_report.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Defense||||1999||[[An Assessment of International Legal Issues in Information Operations]]||Government Report||Moderate:Law||[http://www.au.af.mil/au/awc/awcgate/dod-io-legal/dod-io-legal.pdf '' Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Defense||||2005||[[Strategy for Homeland Defense and Civil Support]]||Government Report||None||[http://www.defense.gov/news/Jun2005/d20050630homeland.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Defense||||2007||[[Mission Impact of Foreign Influence on DoD Software]]||Government Report||Low:Defense Policy/Procurement||[http://www.cyber.st.dhs.gov/docs/Defense%20Science%20Board%20Task%20Force%20-%20Report%20on%20Mission%20Impact%20of%20Foreign%20Influence%20on%20DoD%20Software%20(2007).pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Homeland Security||||2003||[[The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets]]||Government Report||None||[http://www.dhs.gov/xlibrary/assets/Physical_Strategy.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Department of Homeland Security||||2009||[[A Roadmap for Cybersecurity Research]]||Government Report||Low:Technology||[http://www.cyber.st.dhs.gov/docs/DHS-Cybersecurity-Roadmap.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Deputy Chief of Staff for Intelligence||||2006||[[Critical Infrastructure Threats and Terrorism]]||Government Report||Low:Organizational Analysis; Low:Risk Management||[http://www.fas.org/irp/threat/terrorism/sup2.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Dörmann, Knut||||2004||[[Applicability of the Additional Protocols to Computer Network Attacks]]||Independent Report||Low:Law||[http://www.icrc.org/Web/eng/siteeng0.nsf/htmlall/68LG92/$File/ApplicabilityofIHLtoCNA.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Dunlap, Charles J. Jr.||||2009||[[Towards a Cyberspace Legal Regime in the Twenty-First Century]]||Speech||None||N/A
| + | |
| − | |-
| + | |
| − | |Energetics Inc.||||2006||[[Roadmap to Secure Control Systems in the Energy Sector]]||Independent Report||None||[http://www.cyber.st.dhs.gov/docs/DOE%20Roadmap%202006.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Epstein, Richard A.||Brown, Thomas P.||2008||[[Cybersecurity in the Payment Card Industry]]||Law Review||Low:Law; Low:Economics||[http://lawreview.uchicago.edu/issues/archive/v75/75_1/EpsteinArticle.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Financial Services Sector Coordinating Council for Critical Infrastructure Protection||||2008||[[Research Agenda for the Banking and Finance Sector]]||Independent Report||None||[http://www.cyber.st.dhs.gov/docs/RD_Agenda-FINAL.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Franklin, Jason, et. al||||2007||[[An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants]]||Conf. Paper||Low:Statistics; Low:Economics||[http://sparrow.ece.cmu.edu/group/pub/franklin_paxson_perrig_savage_miscreants.pdf ''Pdf''] [http://www.cs.cmu.edu/~jfrankli/acmccs07/ccs07_franklin_eCrime.pdf ''Alt Pdf'']
| + | |
| − | |-
| + | |
| − | |Gandal, Neil||||2008||[[An Introduction to Key Themes in the Economics of Cyber Security]]||Book Chapter||Low:Economics||[http://www.tau.ac.il/~gandal/security%20encyclopedia%20entry.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Grady, Mark F.||Parisi, Francesco||2006||[[The Law and Economics of Cybersecurity]]||Book||Low:Economics; Low:Law||N/A
| + | |
| − | |-
| + | |
| − | |Granick, Jennifer Stisa||||2005||[[The Price of Restricting Vulnerability Publications]]||Law Review||Low/Moderate:Law||[http://www.ijclp.net/files/ijclp_web-doc_10-cy-2004.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Hollis, Duncan B.||||2007||[[Why States Need an International Law for Information Operations]]||Law Review||Moderate:Law||[http://legacy.lclark.edu/org/lclr/objects/LCB_11_4_Art7_Hollis.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |HP TippingPoint DVLabs||||2010||[[2010 Top Cyber Security Risks Report]]||Industry report||Moderate:Technology||[http://dvlabs.tippingpoint.com/toprisks2010 ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Institute for Information Infrastructure Protection|| ||2003||[[Cyber Security Research and Development Agenda]]||Independent Report||Low/None:Technology||[http://www.cyber.st.dhs.gov/docs/I3P%20Research%20Agenda%202003.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Johnson, Eric M.||||2008||[[Managing Information Risk and the Economics of Security]]||Book||High:Economics||N/A
| + | |
| − | |-
| + | |
| − | |Johnson, Vincent R.||||2005||[[Cybersecurity, Identity Theft, and the Limits of Tort Liability]]||Law Review||Moderate:Law||[http://www.stmarytx.edu/law/pdf/Johnsoncyber.pdf ''Pdf''] [http://law.bepress.com/cgi/viewcontent.cgi?article=3530&context=expresso ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |Kobayashi, Bruce H.|| ||2006||[[An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods]]||Journal Article ||High:Economics||[http://www.law.gmu.edu/assets/files/publications/working_papers/05-11.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Korns, Stephen W.|| ||2009||[[Cyber Operations]]||Journal Article||Low:International Warfare||[http://www.carlisle.army.mil/DIME/documents/Cyber%20Operations%20-%20The%20New%20Balance%20-%20Korns.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Kramer, Franklin D., et. al||||2009||[[Cyberpower and National Security]]||Book||None||N/A
| + | |
| − | |-
| + | |
| − | |Lernard, Thomas M.||Rubin, Paul H.||2005||[[An Economic Analysis of Notification Requirements for Data Security Breaches]]||Online Paper||Low:Economics||[http://www.pff.org/issues-pubs/pops/pop12.12datasecurity.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Lernard, Thomas M.||Rubin, Paul H.||2006||[[Much Ado About Notification]]||Journal Article||Low:Economics||[http://www.cato.org/pubs/regulation/regv29n1/v29n1-5.pdf ''Pdf''] [http://papers.ssrn.com/sol3/papers.cfm?abstract_id=898208# ''SSRN'']
| + | |
| − | |-
| + | |
| − | |McAfee, Inc.||||2010||[[McAfee Threats Report]]||Industry Report||None||[http://www.mcafee.com/us/local_content/reports/2010q1_threats_report.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Moore, Tyler, et. al||||2009||[[The Economics of Online Crime]]||Journal Article||Low:Technology||[http://people.seas.harvard.edu/~tmoore/jep09.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Moore, Tyler||Clayton, Richard||2007||[[Examining the Impact of Website Take-down on Phishing]]||Conf. Paper||Low:Technology||[http://www.ecrimeresearch.org/2007/proceedings/p1_moore.pdf ''Pdf''] [http://www.cl.cam.ac.uk/~rnc1/ecrime07.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |Moore, Tyler||Clayton, Richard||2008||[[The Consequence of Non-Cooperation in the Fight Against Phishing]]||Conf. Paper||Low:Technology; Low:Economics||[http://people.seas.harvard.edu/~tmoore/ecrime08.pdf ''Pdf''] [http://www.cl.cam.ac.uk/~rnc1/ecrime08pre.pdf ''Alt Pdf'']
| + | |
| − | |-
| + | |
| − | |Moore, Tyler||Clayton, Richard||2009||[[The Impact of Incentives on Notice and Take-down]]||Book Chapter||Moderate:Technology; Low:Law||[http://weis2008.econinfosec.org/papers/MooreImpact.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |National Cyber Defense Initiative||||2009||[[National Cyber Defense Financial Services Workshop Report]]||Independent Report||Moderate:Financial Services Infrastructure; Moderate:Acronym Tolerance||[http://www.cyber.st.dhs.gov/docs/NCDI_FI_Workshop_Report.pdf ''Pdf''] [http://ncdi.nps.edu/FI_Workshop_Report_100204.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |National Cyber Security Summit Task Force||||2004||[[Information Security Governance]]||Government Report||Moderate:Executive Administration||[http://www.cyber.st.dhs.gov/docs/Information%20Security%20Governance-%20A%20Call%20to%20Action%20(2004).pdf ''Pdf''] [http://www.criminal-justice-careers.com/resources/InfoSecGov4_04.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |National Infrastructure Advisory Council||||2004||[[Hardening The Internet]]||Government Report||High:Technology||[http://www.cyber.st.dhs.gov/docs/NIAC%20Internet%20Hardening.pdf ''Pdf''] [http://www.dhs.gov/xlibrary/assets/niac/NIAC_HardeningInternetPaper_Jan05.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |National Institute of Standards and Technology||||2006||[[SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security]]||Government Report||Moderate:Technology||[http://www.cyber.st.dhs.gov/docs/NIST%20Guide%20to%20Supervisory%20and%20Data%20Acquisition-SCADA%20and%20Industrial%20Control%20Systems%20Security%20(2007).pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |National Research Council||||1999||[[Trust in Cyberspace]]||Independent Report||Moderate:Technology||[http://www.cyber.st.dhs.gov/docs/Trust%20in%20Cyberspace%20Report%201999.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |National Research Council||||2007||[[Toward a Safer and More Secure Cyberspace]]||Independent Report||Low:Research Processes; Low:Technology||[http://www.cyber.st.dhs.gov/docs/Toward_a_Safer_and_More_Secure_Cyberspace-Full_report.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |National Science and Technology Council||||2006||[[Federal Plan for Cyber Security and Information Assurance Research and Development]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/Federal%20R&D%20Plan%202006.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Networking and Information Technology Research and Development|| ||2009||[[National Cyber Leap Year Summit 2009, Co-Chairs' Report]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/National_Cyber_Leap_Year_Summit_2009_Co-Chairs_Report.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Nye, Joseph||||2010||[[Cyber Power]]||Book Chapter||Low:Technology; Low:Policy||[http://belfercenter.ksg.harvard.edu/files/cyber-power.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Powell, Benjamin||||2005||[[Is Cybersecurity a Public Good]]||Law Review||Low/Moderate:Economics||[http://www.independent.org/pdf/working_papers/57_cyber.pdf ''Pdf''] [http://www.ciaonet.org/wps/pob03/pob03.pdf ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |President's Commission on Critical Infrastructure Protection|| ||''1997''||[[Critical Foundations]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/PCCIP%20Report%201997.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |President's Information Technology Advisory Council|| ||2005||[[Cyber Security: A Crisis of Prioritization]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/PITAC%20Report%202005.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Romanosky et al.||||2008||[[Do Data Breach Disclosure Laws Reduce Identity Theft]]||Conf. Paper||Moderate:Economics||[http://weis2008.econinfosec.org/papers/Romanosky.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Rotenberg et. al.||||2010||[[The Cyber War Threat Has Been Grossly Exaggerated]]||Debate||None||[http://intelligencesquaredus.org/index.php/past-debates/cyber-war-threat-has-been-grossly-exaggerated/ ''Audio/Transcript'']
| + | |
| − | |-
| + | |
| − | |Schmitt, Michael N., et. al||||2004||[[Computers and War]]||Conf. Paper||Moderate:Law||[http://www.ihlresearch.org/ihl/pdfs/schmittetal.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Schmitt, Michael N.||||1999||[[Computer Network Attack and the Use of Force in International Law]]||Law Review||High:Law||[http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA471993&Location=U2&doc=GetTRDoc.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Schmitt, Michael N.||||2002||[[Wired Warfare]]||Journal Article||Moderate:Law||[http://www.icrc.org/Web/eng/siteeng0.nsf/htmlall/5C5D5C/$File/365_400_Schmitt.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Schneier, Bruce||||2003||[[Beyond Fear]]||Book||None||[http://www.scribd.com/doc/12185921/beyond-fear-thinking-sensibly-about-security-in-an-uncertain-world-bruce-schneier-copernicus-books-2003 ''Scribd'']
| + | |
| − | |-
| + | |
| − | |Schneier, Bruce||||2008||[[Schneier on Security]]||Book||None||[http://www.schneier.com/book-sos.html ''Purchase'']
| + | |
| − | |-
| + | |
| − | |Schwartz, Paul||Janger, Edward||2007||[[Notification of Data Security Breaches]]||Law Review||Low:Law; Low:Economics||[http://www.michiganlawreview.org/assets/pdfs/105/5/schwartz.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Sklerov, Matthew J.||||2009||[[Solving the Dilemma of State Responses to Cyberattacks]]||Law Review||Moderate:Law; Low:Technology||[http://www.loc.gov/rr/frd/Military_Law/Military_Law_Review/pdf-files/201-fall-2009.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Stohl, Michael||||2006||[[Cyber Terrorism]]||Journal Article||None||[http://www.ingentaconnect.com/content/klu/cris/2006/00000046/F0020004/00009061 ''Purchase'']
| + | |
| − | |-
| + | |
| − | |Swire, Peter P.||||2004||[[A Model for When Disclosure Helps Security]]||Law Review||Low/Moderate:Logic||[http://www.rootsecure.net/content/downloads/pdf/disclosure_helps_security.pdf ''Pdf''][http://papers.ssrn.com/sol3/papers.cfm?abstract_id=531782 ''SSRN'']
| + | |
| − | |-
| + | |
| − | |Swire, Peter P.||||2006||[[A Theory of Disclosure for Security and Competitive Reasons]]||Law Review||Low/Moderate:Logic||[http://papers.ssrn.com/sol3/papers.cfm?abstract_id=842228 ''SSRN'']
| + | |
| − | |-
| + | |
| − | |Symantec Corporation||||2010||[[Symantec Global Internet Security Threat Report]]||Industry Report||Low/Moderate:Technology||[http://www4.symantec.com/Vrt/wl?tu_id=SUKX1271711282503126202 ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Telang, Rahul||Wattal, Sunil||2007||[[Impact of Software Vulnerability Announcements on the Market Value of Software Vendors]]||Journal Article||Moderate:Economics||[http://infosecon.net/workshop/pdf/telang_wattal.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Thomas, Rob||Martin, Jerry||2006||[[The Underground Economy]]||Journal Article||Low:Technology||[http://www.usenix.org/publications/login/2006-12/openpdfs/cymru.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Todd, Graham H.||||2009||[[Armed Attack in Cyberspace]]||Law Review||Moderate:Law||[http://www.afjag.af.mil/shared/media/document/AFD-091026-024.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Trend Micro Incorporated|| ||2010||[[Trend Micro Annual Report]]||Industry Report||Moderate:Technology||[http://us.trendmicro.com/imperia/md/content/us/trendwatch/researchandanalysis/2009s_most_persistent_malware_threats__march_2010_.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |United States Secret Service||||2004||[[Insider Threat Study]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/its_report_040820.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |van Eeten, Michel J. G.||Bauer, Johannes M.||2008||[[Economics of Malware]]||Non-US Govt. Report||Moderate:Economics||[http://www.oecd.org/dataoecd/53/17/40722462.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Varian, Hal||||2000||[[Managing Online Security Risks]]||Newspaper Article||None||[http://people.ischool.berkeley.edu/~hal/people/hal/NYTimes/2000-06-01.html ''Web'']
| + | |
| − | |-
| + | |
| − | |Varian, Hal||||2004||[[System Reliability and Free Riding]]||Book Chapter||High:Economics||[http://www.sims.berkeley.edu/resources/affiliates/workshops/econsecurity/econws/48-old.pdf ''Pdf''] [http://people.ischool.berkeley.edu/~hal/Papers/2004/reliability ''AltPdf'']
| + | |
| − | |-
| + | |
| − | |Verizon||||2010||[[2010 Data Breach Investigations Report]]||Industry Report||Low:Technology||[http://www.verizonbusiness.com/resources/reports/rp_2010-data-breach-report_en_xg.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Watts, Sean||||2010||[[Combatant Status and Computer Network Attack]]||Law Review||Moderate:Law||[http://www.vjil.org/wp-content/uploads/2010/01/VJIL-50.2-Watts.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |White House||||2003||[[The National Strategy to Secure Cyberspace]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/National%20Strategy%20to%20Secure%20Cyberspace%202003.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |White House||||2010||[[The Comprehensive National Cybersecurity Initiative]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/CNCI-Cybersecurity.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |White House||||2009||[[Cyberspace Policy Review]]||Government Report||None||[http://www.cyber.st.dhs.gov/docs/Cyberspace_Policy_Review_final.pdf ''Pdf'']
| + | |
| − | |-
| + | |
| − | |Zittrain, Jonathan L.||||2008||[[The Future of the Internet and How To Stop It]]||Book||None||[http://futureoftheinternet.org/static/ZittrainTheFutureoftheInternet.pdf ''Pdf'']
| + | |
| − | |}
| + | |
| Author/Agency
|
Date
|
Title
|
Wiki Entry
|
Type
|
Category
|
| Aloise, Gene et al. |
2008 |
Nuclear Security |
Yes |
U.S. Government Report |
3.3 Security Targets,
3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure
|
| Anderson, Ross |
2001 |
Why Information Security is Hard |
Yes |
Independent Report |
4.2.1 Risk Management and Investment,
4.2.2 Incentives,
5.1 Regulation/Liability
|
| Anderson, Ross |
2006 |
The Economics of Information Security |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability,
5.7 Technology
|
| Anderson, Ross J. |
2008 |
Security Engineering |
Yes |
Book |
3.2 Security Targets,
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
|
| Anderson, Ross, et. al |
2008 |
Security Economics and the Internal Market |
Yes |
Article |
4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.6 Deterrence
|
| Arora et al. |
2006 |
Does Information Security Attack Frequency Increase With Vulnerability Disclosure |
Yes |
Journal Article |
4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure
|
| Aviram, Amitai |
2004 |
Overcoming Impediments to Information Sharing |
Yes |
Journal Article |
4.2.1 Risk Management and Investment,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
|
| Barkham, Jason |
2001 |
Information Warfare and International Law on the Use of Force |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Bauer, Johannes M. and van Eeten, Michel J. G. |
2009 |
Cybersecurity: Stakeholder Incentives, Externalities, and Policy Options |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment,
4.2.2 Incentives
|
| Beard, Jack M. |
2009 |
Law and War in the Virtual Era |
Yes |
Journal Article |
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Bellovin, Steven M. |
2009 |
The Government and Cybersecurity |
Yes |
Journal Article |
3.2 Actors and Incentives,
4.7Public-Private Cooperation
|
| Besunder, Allison A. |
2009 |
Best Practices for Data Protection and Privacy |
Yes |
Book |
4.6 Information Sharing/Disclosure,
4.10 Privacy,
5.1 Regulation/Liability
|
| Boebert, W. Earl |
2010 |
A Survey of Challenges in Attribution |
No |
Journal Article |
4.8 Attribution,
5.3 Government Organizations,
5.7 Technology
|
| Bohme, Rainer |
2005 |
Cyber-Insurance Revisited |
Yes |
Independent Report |
4.2.2 Incentives,
4.2.3 Insurance,
,4.2.5 Market Failure
|
| Bohme, Rainer |
2006 |
Models and Measures for Correlation in Cyber-Insurance |
Yes |
Independent Report |
4.2.3 Insurance,
5.2 Private Efforts/Organizations
|
| Bohme, Rainer |
2010 |
Modeling Cyber-Insurance |
Yes |
Independent Report |
4.2.2 Incentives,
4.2.3 Insurance,
,5.2 Private Efforts/Organizations
|
| Booz Allen Hamilton and the Economist Intelligence Unit |
2012-01-15 |
Cyber Power Index |
No |
Industry Report |
4. Issues,
4.1 Metrics,
5. Approaches
|
| Bradley, Curtis A. and Goldsmith, Jack L. |
2011 |
Overview of International Law and Institutions |
Yes |
Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Brown, Davis |
2006 |
A Proposal for an International Convention To Regulate the Use of Information Systems in Armed Conflict |
Yes |
Journal Article |
3.3.1.2 Military Networks (.mil),
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Burstein, Aaron J. |
2008 |
Amending the ECPA to Enable a Culture of Cybersecurity Research |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
|
| Business Roundtable |
2011-10-11 |
Mission Critical: A Public-Private Strategy for Effective Cybersecurity |
No |
Independent Report |
|
| Business Software Alliance |
2012-02-02 |
Global Cloud Computing Scorecard a Blueprint for Economic Opportunity |
No |
Industry Report |
3.3.3.3 Cloud Computing
|
| Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America |
2011-03-08 |
Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper |
No |
Industry Report |
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5. Approaches
|
| Cabinet Office (United Kingdom) |
2011-11-11 |
The UK Cyber Security Strategy: Protecting and promoting the UK in a digital world |
No |
Non-U.S. Government Report |
3. Threats and Actors,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Camp, L. Jean |
2004 |
Economics of Information Security |
Yes |
Book |
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
|
| Camp, L. Jean |
2004 |
Pricing Security |
Yes |
Book |
4.2.1 Risk Management and Investment,
4.2.2 Incentives
|
| Center for a New American Security |
2012-06-11 |
America’s Cyber Future: Security and Prosperity in the Information Age |
No |
Independent Report |
1. Overview,
4. Issues,
5. Approaches
|
| Center for Strategic and International Studies |
2008 |
Securing Cyberspace for the 44th Presidency |
Yes |
Independent Report |
4.7 Public-Private Cooperation,
5.1 Regulation/Liability,
5.4 International Cooperation
|
| Centre for Secure Information Technologies |
2011 |
World Cybersecurity Technology Research Summit (Belfast 2011) |
No |
Independent Report |
|
| Cetron, Marvin J. and Davies, Owen |
2009 |
World War 3.0: Ten Critical Trends for Cybersecurity |
Yes |
Journal Article |
3.2 Actors and Incentives,
3.3.1 Public Critical Infrastructure,
4.12 Cyberwar
|
| Clark, David and Landau, Susan |
2010 |
Untangling Attribution |
No |
Journal Article |
4.8 Attribution,
5.6 Deterrence,
5.7 Technology
|
| Clarke, Richard A. |
2010 |
Cyber War |
Yes |
Book |
3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
|
| Clinton, Larry |
Undated |
Cyber-Insurance Metrics and Impact on Cyber-Security |
Yes |
Independent Report |
4.2.3 Insurance,
5.2 Private Efforts/Organizations
|
| Cloud Security Alliance |
2009-12 |
Security Guidance for Critical Areas of Focus in Cloud Computing V2.1 |
No |
Independent Report |
3.3.3.3 Cloud Computing,
4. Issues,
5.2 Private Efforts/Organizations
|
| Cohen, Geoff |
2010 |
Targeting Third Party Collaboration |
No |
Journal Article |
3.1 The Threat and Skeptics,
4.7 Public-Private Cooperation,
4.11 Cybercrime
|
| Computer Economics, Inc. |
2007 |
2007 Malware Report |
Yes |
Industry Report |
4.2 Economics of Cybersecurity
|
| Computing Research Association |
2003- |
Four Grand Challenges in Trustworthy Computing |
Yes |
Independent Report |
4.4 Usability/Human Factors,
4.6 Information Sharing/Disclosure,
4.9 Identity Management
|
| Cornish, Paul |
2009 |
Cyber Security and Politically, Socially and Religiously Motivated Cyber Attacks |
Yes |
Non-U.S. Government Report |
3.2 Actors and Incentives,
5.4 International Cooperation
|
| Cornish, Paul et al. |
2009 |
Cyberspace and the National Security of the United Kingdom - Threats and Responses |
Yes |
Independent Report |
3. Threats and Actors,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Council on Foreign Relations |
2010-07-15 |
Untangling Attribution: Moving to Accountability in Cyberspace [Testimony] |
No |
Independent Report |
3.2 Actors and Incentives,
4.8 Attribution,
5. Approaches
|
| CSIS Commission on Cybersecurity for the 44th Presidency, Center for Strategic and International Studies |
2011-01 |
Cybersecurity Two Years Later |
No |
Independent Report |
3. Threats and Actors,
5. Approaches,
5.3 Government Organizations
|
| Cyber Security Forum Initiative |
2011-05-09 |
Cyber Dawn: Libya |
No |
Industry Report |
3. Threats and Actors,
4. Issues,
5. Approaches
|
| Department of Commerce |
2011-06-14 |
Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| Department of Commerce |
2010 |
Defense Industrial Base Assessment |
Yes |
U.S. Government Report |
3.2.5 Criminals and Criminal Organizations,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
|
| Department of Commerce, Internet Policy Task Force |
2011-06 |
Cybersecurity, Innovation and the Internet Economy |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity,
4.7 Public-Private Cooperation
|
| Department of Defense |
2011-07-14 |
Department of Defense Strategy for Operating in Cyberspace |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
|
| Department of Defense |
2011-11-15 |
Department of Defense Cyberspace Policy Report : A Report to Congress Pursuant to the National Defense Authorization Act for Fiscal Year 2011, Section 934 |
No |
U.S. Government Report |
4.12 Cyberwar,
5.3 Government Organizations,
5.7 Technology
|
| Department of Defense |
2012-02-16 |
DOD Information Security Program: Overview, Classification, and Declassification |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| Department of Defense |
2012-04-11 |
Cyber Operations Personnel Report (DoD) |
No |
U.S. Government Report |
|
| Department of Defense |
1999 |
An Assessment of International Legal Issues in Information Operations |
Yes |
U.S. Government Report |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Department of Defense |
2005- |
Strategy for Homeland Defense and Civil Support |
Yes |
U.S. Government Report |
3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| Department of Defense |
2007 |
Mission Impact of Foreign Influence on DoD Software |
Yes |
U.S. Government Report |
3.2.4 Terrorists,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| Department of Defense |
2011-04 |
Cyber Operations Personnel Report (DOD) |
No |
U.S. Government Report |
|
| Department of Energy |
2012-04 |
The Department's Management of the Smart Grid Investment Grant Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment
|
| Department of Energy (DOE) Inspector General |
2012-01-01 |
The Department’s Management of the Smart Grid Investment Grant Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
5.3 Government Organizations
|
| Department of Energy, Idaho National Laboratory |
2010-05-01 |
NSTB Assessments Summary Report: Common Industrial Control System Cyber Security Weaknesses |
No |
U.S. Government Report |
3.3.2 Private Critical Infrastructure,
5.7 Technology
|
| Department of Energy, Office of Electricity Delivery & Energy Reliability |
Undated |
Cybersecurity for Energy Delivery Systems Program |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
|
| Department of Homeland Security |
2009-09-16 |
National Cyber Leap Year Summit 2009: Co-Chairs' Report |
No |
U.S. Government Report |
3.3 Security Targets,
4.2 Economics of Cybersecurity,
4.8 Attribution
|
| Department of Homeland Security |
2007-06 |
Challenges Remain in Securing the Nation’s Cyber Infrastructure |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Department of Homeland Security |
2009-11 |
A Roadmap for Cybersecurity Research |
No |
U.S. Government Report |
1. Overview,
4.2.1 Risk Management and Investment
|
| Department of Homeland Security |
2010-08 |
DHS Needs to Improve the Security Posture of Its Cybersecurity Program Systems |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
|
| Department of Homeland Security |
2010-09 |
National Cyber Incident Response Plan |
No |
U.S. Government Report |
3. Threats and Actors,
5.3 Government Organizations
|
| Department of Homeland Security |
2011-11 |
Blueprint for a Secure Cyber Future: The Cybersecurity Strategy for the Homeland Security Enterprise |
No |
U.S. Government Report |
3.3 Security Targets,
5.3 Government Organizations
|
| Department of Homeland Security |
2003 |
The National Strategy for the Physical Protection of Critical Infrastructures and Key Assets |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
|
| Department of Homeland Security |
2009 |
A Roadmap for Cybersecurity Research |
Yes |
U.S. Government Report |
3.3 Security Targets,
5.3 Government Organizations
|
| Department of Justice |
2011-04 |
The Federal Bureau of Investigation's Ability to Address the National Security Cyber Intrusion Threat |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
4.11 Cybercrime,
5.3 Government Organizations
|
| Deputy Chief of Staff for Intelligence |
2006 |
Critical Infrastructure Threats and Terrorism |
Yes |
U.S. Government Report |
3.3 Security Targets,
4.11 Cybercrime,
4.12 Cyberwar
|
| Dörmann, Knut |
2004 |
Applicability of the Additional Protocols to Computer Network Attacks |
Yes |
Independent Report |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Douglas Maughan |
2010 |
The Need for a National Cybersecurity Research and Development Agenda |
Yes |
Article |
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Dunlap Charles J, Jr |
2011 |
Perspectives for Cyber Strategists on Law for Cyberwar |
Yes |
Journal Article |
4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
|
| Dunlap, Charles J. Jr. |
2009 |
Towards a Cyberspace Legal Regime in the Twenty-First Century |
Yes |
Article |
4.5 Psychology and Politics,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| EastWest Institute |
2011-02-03 |
Working Towards Rules for Governing Cyber Conflict: Rendering the Geneva and Hague Conventions in Cyberspace |
No |
Independent Report |
3.2.1 States,
5.4 International Cooperation,
5.5 International Law (including Laws of War)
|
| Energetics Inc. |
2006 |
Roadmap to Secure Control Systems in the Energy Sector |
Yes |
Independent Report |
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
|
| Energy Sector Control Systems Working Group |
2011-09 |
Roadmap to Achieve Energy Delivery Systems Cybersecurity |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation
|
| ENISA |
2010 |
Introduction to Country Reports |
Yes |
Non-U.S. Government Report |
3.2.1 States,
5.3 Government Organizations,
5.4 International Cooperation
|
| Epstein, Richard A. |
2008 |
Cybersecurity in the Payment Card Industry |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime,
5.1 Regulation/Liability
|
| European Network and Information Security Agency |
2010-10-07 |
Stuxnet Analysis |
No |
Non-U.S. Government Report |
3. Threats and Actors,
5.7 Technology
|
| European Network and Information Security Agency (ENISA) |
2011-04-11 |
Resilience of the Internet Interconnection Ecosystem, at: |
No |
Non-U.S. Government Report |
3. Threats and Actors,
4. Issues,
5. Approaches
|
| Federal CIO Council |
2012-01-04 |
Federal Risk and Authorization Management Program (FedRAMP) |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| Federal Communications Commission (FCC) |
2010-04-21 |
Explore the reliability and resiliency of commercial broadband communications networks |
No |
U.S. Government Report |
3.3.3 Communications,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| Federal Communications Commission (FCC) |
2011-06-03 |
FCC's Plan for Ensuring the Security of Telecommunications Networks |
No |
U.S. Government Report |
|
| Financial Services Sector Coordinating Council for Critical Infrastructure Protection |
2008 |
Research Agenda for the Banking and Finance Sector |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks,
4.1 Metrics,
4.2.1 Risk Management and Investment
|
Fischer, Eric A.
CRS |
2012-04-23 |
Federal Laws Relating to Cybersecurity: Discussion of Proposed Revisions |
No |
U.S. Government Report |
3.3 Security Targets,
5.1 Regulation/Liability
|
| Franklin, Jason, et. al |
2007 |
An Inquiry into the Nature and Causes of the Wealth of Internet Miscreants |
Yes |
Independent Report |
3.2.5 Criminals and Criminal Organizations,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
|
| Gandal, Neil |
2008 |
An Introduction to Key Themes in the Economics of Cyber Security |
Yes |
Book |
4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.7 Technology
|
| GAO |
2003-08-27 |
Efforts to Improve Information sharing Need to Be Strengthened |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| GAO |
2004-05-28 |
Technology Assessment: Cybersecurity for Critical Infrastructure Protection |
No |
U.S. Government Report |
3.3 Security Targets,
4.7 Public-Private Cooperation,
5.7 Technology
|
| GAO |
2008-07-31 |
Cyber Analysis And Warning: DHS Faces Challenges in Establishing a Comprehensive National Capability |
No |
U.S. Government Report |
5.3 Government Organizations
|
| GAO |
2009-09-24 |
Critical Infrastructure Protection: Current Cyber Sector-Specific Planning Approach Needs Reassessment |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2009-11-17 |
Continued Efforts Are Needed to Protect Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.2 Actors and Incentives,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-03-05 |
Cybersecurity: Progress Made But Challenges Remain in Defining and Coordinating the Comprehensive National Initiative |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-03-16 |
Cybersecurity: Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-03-24 |
Information Security: Concerted Response Needed to Resolve Persistent Weaknesses, at: |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-04-12 |
Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
|
| GAO |
2010-06-03 |
Cybersecurity: Key Challenges Need to Be Addressed to Improve Research and Development |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| GAO |
2010-06-16 |
Continued Attention Is Needed to Protect Federal Information Systems from Evolving Threats |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-07-01 |
Federal Guidance Needed to Address Control Issues With Implementing Cloud Computing |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| GAO |
2010-07-15 |
Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| GAO |
2010-08-02 |
United States Faces Challenges in Addressing Global Cybersecurity and Governance |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperation
|
| GAO |
2010-09-15 |
Information Security: Progress Made on Harmonizing Policies and Guidance for National Security and Non-National Security Systems |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010-09-23 |
DHS Efforts to Assess and Promote Resiliency Are Evolving but Program Management Could Be Strengthened |
No |
U.S. Government Report |
3.3 Security Targets,
5.3 Government Organizations
|
| GAO |
2010-10-06 |
Cyberspace Policy: Executive Branch Is Making Progress Implementing 2009 Policy Review Recommendations, but Sustained Leadership Is Needed |
No |
U.S. Government Report |
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2010-11-30 |
Information Security: Federal Agencies Have Taken Steps to Secure Wireless Networks, but Further Actions Can Mitigate Risk |
No |
U.S. Government Report |
3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
|
| GAO |
2011-01-12 |
Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2011-03-16 |
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems |
No |
U.S. Government Report |
3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2011-07-08 |
Information Security: State Has Taken Steps to Implement a Continuous Monitoring Application, but Key Challenges Remain |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
|
| GAO |
2011-07-25 |
Defense Department Cyber Efforts: DoD Faces Challenges in Its Cyber Activities |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
|
| GAO |
2011-07-26 |
Continued Attention Needed to Protect Our Nation’s Critical Infrastructure |
No |
U.S. Government Report |
3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2011-07-29 |
Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DoD to Develop Full-Spectrum Cyberspace Budget Estimates |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity,
5.3 Government Organizations
|
| GAO |
2011-10-03 |
Information Security: Weaknesses Continue Amid New Federal Efforts to Implement Requirements |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
|
| GAO |
2011-10-05 |
Information Security: Additional Guidance Needed to Address Cloud Computing Concerns |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| GAO |
2011-10-17 |
Federal Chief Information Officers: Opportunities Exist to Improve Role in Information Technology Management |
No |
U.S. Government Report |
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2011-11-29 |
Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination, at: |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
5.3 Government Organizations
|
| GAO |
2011-12-09 |
Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use |
No |
U.S. Government Report |
3.3 Security Targets,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2012-01-13 |
Defense Contracting: Improved Policies and Tools Could Help Increase Competition on DOD's National Security Exception Procurements |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
4.7 Public-Private Cooperation
|
| GAO |
2012-02-28 |
Cybersecurity: Challenges to Securing the Modernized Electricity Grid |
No |
Non-U.S. Government Report |
|
| GAO |
2009 |
Critical Infrastructure Protection - Current Cyber Sector-Specific Planning Approach Needs Reassessment |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| GAO |
2009-07 |
Information Security: Agencies Continue to Report Progress, but Need to. Mitigate Persistent Weaknesses |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
5.3 Government Organizations
|
| GAO |
2009-09 |
Information Security: Concerted Effort Needed to Improve Federal Performance Measures |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| GAO |
2010 |
Information Security - Concerted Effort Needed to Consolidate and Secure Internet Connections at Federal Agencies |
Yes |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| GAO |
2011-10-05 |
Information Security: Additional Guidance Needed to Address Cloud Computing Concerns |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| Geer, Daniel E. and Conway, Daniel G. |
2010 |
Nothing Ventured, Nothing Gained |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment,
4.2.2 Incentives
|
| Gellman, Robert |
2010 |
Civil Liberties and Privacy Implications of Policies to Prevent Cyberattacks |
No |
Journal Article |
4.8 Attribution,
4.10 Privacy,
5.1 Regulation/Liability
|
| General Accountability Office (GAO) |
2010-07-15 |
Critical Infrastructure Protection: Key Private and Public Cyber Expectations Need to Be Consistently Addressed |
No |
U.S. Government Report |
3.3 Security Targets,
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation
|
| General Accountability Office (GAO) |
2011-01-12 |
Electricity Grid Modernization: Progress Being Made on Cybersecurity Guidelines, but Key Challenges Remain to be Addressed |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| General Accountability Office (GAO) |
2011-03-16 |
Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure and Federal Information Systems |
No |
U.S. Government Report |
3. Threats and Actors,
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations
|
| General Accountability Office (GAO) |
2011-07-29 |
Defense Department Cyber Efforts: Definitions, Focal Point, and Methodology Needed for DOD to Develop Full-Spectrum Cyberspace Budget Estimates |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity,
5.3 Government Organizations
|
| General Accountability Office (GAO) |
2011-11-29 |
Cybersecurity Human Capital: Initiatives Need Better Planning and Coordination |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
4.4 Usability/Human Factors,
5.3 Government Organizations
|
| General Accountability Office (GAO) |
2011-12-09 |
Critical Infrastructure Protection: Cybersecurity Guidance Is Available, but More Can Be Done to Promote Its Use |
No |
U.S. Government Report |
|
| General Services Administration (GSA) |
2012-02-07 |
Concept of Operations: FedRAMP |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| Grady, Mark F. |
2006 |
The Law and Economics of Cybersecurity |
Yes |
Book |
4.2 Economics of Cybersecurity,
5.1 Regulation/Liability
|
| Graham David E |
2010 |
Cyber Threats and the Law of War |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Granick, Jennifer Stisa |
2005 |
The Price of Restricting Vulnerability Publications |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Hollis, Duncan B. |
2007 |
Why States Need an International Law for Information Operations |
Yes |
Journal Article |
4.12 Cyberwar,
4.13.1 Government to Government Espionage,
5.5 International Law (including Laws of War)
|
| HP TippingPoint DVLabs |
2010 |
2010 Top Cyber Security Risks Report |
Yes |
Industry report |
4.11 Cybercrime,
5.7 Technology
|
| IEEE/EastWest Institute |
2010-05-26 |
The Reliability of Global Undersea Communications Cable Infrastructure (The Rogucci Report) |
No |
Independent Report |
3.3.3 Communications,
4.7 Public-Private Cooperation,
5.4 International Cooperation
|
| Institute for Information Infrastructure Protection |
2003 |
Cyber Security Research and Development Agenda |
Yes |
Independent Report |
4.1 Metrics,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
|
| Institute for Science and International Security |
2010-12-22 |
Did Stuxnet Take Out 1,000 Centrifuges at the Natanz Enrichment Plant? Preliminary Assessment |
No |
Independent Report |
3. Threats and Actors,
3.3 Security Targets,
5.7 Technology
|
| International Instrument Users Association (WIB) |
2010-11-10 |
WIB Security Standard Released |
No |
Industry Report |
3.3 Security Targets,
5.4 International Cooperation
|
| International Telecommunications Union |
2012-02-10 |
ITU Toolkit for Cybercrime Legislation |
No |
Independent Report |
|
| James Clapper, Director of National Intelligence |
2011-02-10 |
Worldwide Threat Assessment of the U.S. Intelligence Community (Testimony) |
No |
U.S. Government Report |
3.1 The Threat and Skeptics,
3.2 Actors and Incentives
|
| Johnson, Eric M. |
2008 |
Managing Information Risk and the Economics of Security |
Yes |
Book |
4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
|
| Johnson, Vincent R. |
2005 |
Cybersecurity, Identity Theft, and the Limits of Tort Liability |
Yes |
Journal Article |
4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
|
| Joint Workshop of the National Security Threats in Cyberspace and the National Strategy Forum |
2009-09-15 |
National Security Threats in Cyberspace |
No |
Independent Report |
|
| Joseph S. Nye |
2010 |
Cyber Power |
Yes |
Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Journal of Strategic Studies |
2011-10-05 |
Cyber War Will Not Take Place |
No |
Journal Article |
|
| Kelly A. Gable |
2010 |
Cyber-Apocalypse Now - Securing the Internet Against Cyberterrorism and Using Universal Jurisdiction as a Deterrent |
Yes |
Journal Article |
3.2.4 Terrorists,
3.3 Security Targets,
5.5 International Law (including Laws of War)
|
Kerr, Paul K. et al.
CRS |
2010-12-09 |
The Stuxnet Computer Worm: Harbinger of an Emerging Warfare Capability |
No |
U.S. Government Report |
3.3 Security Targets,
4.12 Cyberwar,
5.4 International Law (including Laws of War)
|
| Kesan, Jay P. and Hayes, Carol M. |
2010 |
Thinking Through Active Defense in Cyberspace |
No |
Journal Article |
4.2 Economics of Cybersecurity,
5.3 Government Organizations,
5.7 Technology
|
| Kobayashi, Bruce H. |
2005 |
An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and other Public Security Goods |
Yes |
Journal Article |
4.2.1 Risk Management and Investment,
4.2.2 Incentives,
4.7 Public-Private Cooperation
|
| Kobayashi, Bruce H. |
2006 |
An Economic Analysis of the Private and Social Costs of the Provision of Cybersecurity and Other Public Security Goods |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.2.2 Incentives,
5.6 Deterrence
|
| Korns, Stephen W. |
2009 |
Cyber Operations |
Yes |
Journal Article |
4.8 Attribution,
4.12 Cyberwar,
5.6 Deterrence
|
| Kramer, Franklin D., et. al |
2009 |
Cyberpower and National Security |
Yes |
Book |
1. Overview
|
| Kundra, Vivek |
2010-12-09 |
25 Point Implementation Plan to Reform Federal Information Technology Management |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| Kundra, Vivek |
2011-02-08 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.1.1 Government Networks (.gov),
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| Lan, Tang et al. |
2010 |
Global Cyber Deterrence: Views from China, the U.S., Russia, India, and Norway |
Yes |
Independent Report |
3.2.1 States,
4.12 Cyberwar,
5.6 Deterrence
|
| Lernard, Thomas M. |
2005 |
An Economic Analysis of Notification Requirements for Data Security Breaches |
Yes |
Independent Report |
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Lernard, Thomas M. |
2006 |
Much Ado About Notification |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Lewis, James Andrews |
2005 |
Aux armes, citoyens: Cyber Security and Regulation in the United States |
Yes |
Journal Article |
3.3.1 [[Public Critical Infrastructure,
3.3.2.2 Financial Institutions and Networks,
3.3.2.3 Transportation
|
| Libicki, Martin |
2010 |
Pulling Punches in Cyberspace |
No |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Lin, Herbert |
2012 |
Cyber Conflict and National Security |
No |
Article |
|
| Lukasik, Stephen J. |
2010 |
A Framework for Thinking about Cyber Conflict and Cyber Deterrence with Possible Declatory Policies for these Domain |
No |
Journal Article |
3.2 Actors and Incentives,
5.4 International Cooperation,
5.6 Deterrence
|
| Massachusetts Institute of Technology (MIT) |
2011-12-05 |
The Future of the Electric Grid |
No |
Independent Report |
3.3.2.1 Electricity, Oil and Natural Gas,
4. Issues,
5.1 Regulation/Liability
|
| McAfee |
2011-08-02 |
Revealed: Operation Shady RAT: an Investigation Of Targeted Intrusions Into 70+ Global Companies, Governments, and Non-Profit Organizations During the Last 5 Years |
No |
Industry Report |
3.2.1 States,
3.3 Security Targets,
4.13 Espionage
|
| McAfee |
2012-02-01 |
Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World |
No |
Industry Report |
3. Threats and Actors,
4. Issues,
5. Approaches
|
| McAfee and Center for Strategic and International Studies (CSIS) |
2011-04-21 |
In the Dark: Crucial Industries Confront Cyberattacks |
No |
Industry Report |
3. Threats and Actors,
3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation
|
| McAfee and the Security Defense Agenda |
2012-02-12 |
Cyber-security: The Vexed Question of Global Rules: An Independent Report on Cyber-Preparedness Around the World |
No |
Industry Report |
1. Overview,
4. Issues,
5. Approaches
|
| McAfee, Inc. |
2010 |
McAfee Threats Report |
Yes |
Industry Report |
3.2.3 Hacktivists,
3.2.5 Criminals and Criminal Organizations,
4.11 Cybercrime
|
| McDermott, Rose |
2010 |
Decision Making Under Uncertainty |
No |
Journal Article |
4.4 Usability/Human Factors,
4.5 Psychology and Politics,
4.8 Attribution
|
| Microsoft |
2010-11 |
Information Security Management System for Microsoft Cloud Infrastructure |
No |
Industry Report |
3.3.3.3 Cloud Computing,
5.2 Private Efforts/Organizations
|
| Mitre Corp (JASON Program Office) |
2010-11 |
Science of Cyber-Security |
No |
Independent Report |
1. Overview,
4. Issues
|
| Moore, Tyler |
2010 |
Introducing the Economics of Cybersecurity: Principles and Policy Options |
No |
Journal Article |
4.2 Economics of Cybersecurity,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| Moore, Tyler |
2007 |
Examining the Impact of Website Take-down on Phishing |
Yes |
Independent Report |
4.2 Economics of Cybersecurity,
4.11 Cybercrime,
5.7 Technology
|
| Moore, Tyler |
2008 |
The Consequence of Non-Cooperation in the Fight Against Phishing |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
|
| Moore, Tyler |
2009 |
The Impact of Incentives on Notice and Take-down |
Yes |
Book |
4.2.2 Incentives,
4.11 Cybercrime,
5.4 International Cooperation
|
| Moore, Tyler, et. al |
2009 |
The Economics of Online Crime |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations,
3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity
|
| Morgan, Patrick M. |
2010 |
Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm |
No |
Journal Article |
4.12 Cyberwar,
5.4 International Cooperation,
5.6 Deterrence
|
| National Association of Secretaries of State |
2012-01-12 |
Developing State Solutions to Business Identity Theft: Assistance, Prevention and Detection Efforts by Secretary of State Offices |
No |
Independent Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| National Cyber Defense Initiative |
2009 |
National Cyber Defense Financial Services Workshop Report |
Yes |
Independent Report |
3.3.2.2 Financial Institutions and Networks,
4.2.1 Risk Management and Investment,
5.3 Government Organizations
|
| National Cyber Security Alliance and Microsoft |
2011-05-13 |
2011 State of Cyberethics, Cybersafety and Cybersecurity Curriculum in the U.S. Survey |
No |
Industry Report |
4.4 Usability/Human Factors
|
| National Cyber Security Summit Task Force |
2004 |
Information Security Governance |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 government Organizations
|
| National Infrastructure Advisory Council |
2004 |
Hardening The Internet |
Yes |
U.S. Government Report |
3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| National Initiative for Cybersecurity Education |
2011-08-11 |
National Initiative for Cybersecurity Education Strategic Plan: Building a Digital Nation |
No |
U.S. Government Report |
1. Overview,
5.3 Government Organizations
|
| National Initiative for Cybersecurity Education (NICE) |
2011-11-21 |
NICE Cybersecurity Workforce Framework |
No |
U.S. Government Report |
4.4 Usability/Human Factors,
5.3 Government Organizations
|
| National Institute of Standards and Technology |
2006 |
SP 800-82: Guide to Supervisory Control and Data Acquisition (SCADA) and Industrial Control Systems Security |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
.2.1 Risk Management and Investment,
5.2 Private Efforts/Organizations
|
| National Institute of Standards and Technology (NIST) |
2010-09-02 |
NIST Finalizes Initial Set of Smart Grid Cyber Security Guidelines |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| National Research Council |
2009 |
Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities |
No |
Independent Report |
|
| National Research Council |
2010-09-21 |
Toward Better Usability, Security, and Privacy of Information Technology: Report of a Workshop |
No |
Independent Report |
4.2 Economics of Cybersecurity,
4.4 Usability/Human Factors,
4.10 Privacy
|
| National Research Council |
2010-10-05 |
Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy |
No |
Independent Report |
3. Threats and Actors,
4. Issues,
5. Approaches
|
| National Research Council |
1999 |
Trust in Cyberspace |
Yes |
Independent Report |
3.3.3.2 Public Data Networks,
4.2.2 Incentives,
4.7 Public-Private Cooperation
|
| National Research Council |
2007 |
Toward a Safer and More Secure Cyberspace |
Yes |
Independent Report |
1. Overview,
4.8 Attribution,
5.6 Deterrence
|
| National Research Council, Committee for Advancing Software-Intensive Systems Producibility |
2010-10-20 |
Critical Code: Software Producibility for Defense |
No |
Independent Reprot |
3.3.1.2 Military Networks (.mil),
5.3 Government Organizations,
5.7 Technology
|
| National Science and Technology Council |
2006 |
Federal Plan for Cyber Security and Information Assurance Research and Development |
Yes |
U.S. Government Report |
4.1 Metrics,
4.7 Attribution,
4.8 Public-Private Cooperation
|
| National Science Foundation |
2011-08-11 |
At the Forefront of Cyber Security Research |
No |
U.S. Government Report |
5.7 Technology
|
| National Science Foundation |
2012-01-17 |
Information Security Risk Taking |
No |
U.S. Government Report |
4.1 Metrics,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| National Security Cyberspace Institute |
2012-07-11 |
Analogies Whitepaper-K McKee.pdf A Review of Frequently Used Cyber Analogies |
No |
Independent Report |
|
| National Security Initiative |
2010-10-18 |
American Security Challenge |
No |
Independent Report |
|
| Networking and Information Technology Research and Development |
2009 |
National Cyber Leap Year Summit 2009, Co-Chairs' Report |
Yes |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
4.9 Identity Management,
5.7 Technology
|
| NIST |
2011-09-01 |
Cloud Computing Reference Architecture |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing
|
| NIST |
2011-12-01 |
U.S. Government Cloud Computing Technology Roadmap, Release 1.0 (Draft), Volume II Useful Information for Cloud Adopters |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| NIST |
2012-02-17 |
Recommendations for Establishing an Identity Ecosystem Governance Structure for the National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| Nojeim, Gregory T. |
2009 |
Cybersecurity: Preventing Terrorist Attacks and Protecting Privacy in Cyberspace |
Yes |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure,
4.10 Privacy,
5.1 Regulation/Liability
|
| North American Electric Reliability Corp. (NERC) |
2011-01-26 |
Federal Energy Regulatory Commission's Monitoring of Power Grid Cyber Security |
No |
U.S. Government Report |
3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| NSTC |
2011-12 |
Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program |
No |
U.S. Government Report |
5.3 Government Organizations
|
| Nye, Joseph |
2010 |
Cyber Power |
Yes |
Book |
4.12 Cyberwar,
4.13 Espionage,
5.5 International Law (including Laws of War)
|
| OECD |
2009 |
Cybersecurity and Economic Incentives |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity,
4.2.2 Incentives
|
| OECD |
2009 |
The Market Consequences of Cybersecurity |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity,
4.2.2 Incentives
|
| Office of the National Counterintelligence Executive |
2011-11-03 |
Foreign Spies Stealing US Economic Secrets in Cyberspace |
No |
U.S. Government Report |
3. Threats and Actors,
3.2 Actors and Incentives,
4.13 Espionage
|
| Organisation for Economic Co-operation and Development (OECD) |
2010-11-12 |
The Role of Internet Service Providers in Botnet Mitigation: an Empirical Analysis Bases on Spam Data |
No |
Independent Report |
3. Threats and Actors,
5.7 Technology
|
| Organization for Economic Co-operation and Development (OECD) |
2012-01-10 |
ICT Applications for the Smart Grid: Opportunities and Policy Implications |
No |
Independent Report |
|
| PCAST |
2010-12 |
Designing a Digital Future: Federally Funded Research and Development in Networking and Information Technology |
No |
U.S. Government Report |
4.3 Supply Chain Issues,
4.10 Privacy,
5.3 Government Organizations
|
| PCAST |
2011-06 |
Report to the President on Ensuring American Leadership in Advanced Manufacturing |
No |
U.S. Government Report |
4.2.1 Risk Management and Investment,
5.3 Government Organizations
|
| Perkins, Earl |
2009 |
Evolving Cybersecurity Issues in the Utility Industry |
Yes |
Independent Report |
3.3.2 Private Critical Infrastructure,
3.3.2.4 Water, Sewer, etc.,
4.7 Public-Private Cooperation
|
| Pew Research Center’s Internet & American Life Project |
2010-06-11 |
The future of cloud computing |
No |
Independent Report |
3.3.3.3 Cloud Computing
|
| Powell, Benjamin |
2005 |
Is Cybersecurity a Public Good |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.2.5 Market Failure,
5.1 Regulation/Liability
|
| President's Commission on Critical Infrastructure Protection |
1997 |
Critical Foundations |
Yes |
U.S. Government Report |
3.3.2 Private Critical Infrastructure,
3.3.3 Communications,
5.3 Government Organizations
|
| President's Information Technology Advisory Council |
2005 |
Cyber Security: A Crisis of Prioritization |
Yes |
U.S. Government Report |
4.2.2 Incentives,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Project on National Security Reform (PNSR) |
2010-11 |
The Power of People: Building an Integrated National Security Professional System for the 21st Century |
No |
U.S. Government Report |
4.4 Usability/Human Factors,
5.3 Government Organizations
|
| Quadrennial Defense Review |
2010-07-30 |
The QDR in Perspective: Meeting AmericaÅfs National Security Needs In the 21st Century (QDR Final Report) |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
|
| RAND |
2011-12-21 |
A Cyberworm that Knows No Boundaries |
No |
Independent Report |
3. Threats and Actors,
5.3 Government Organizations,
5.7 Technology
|
| Rattray, Gregory and Healey, Jason |
2010 |
Categorizing and Understanding Offensive Cyber Capabilities and Their Use |
No |
Journal Article |
3.1 The Threat and Skeptics,
3.3 Security Targets,
4.12 Cyberwar
|
| Rollins, John and Wilson, Clay |
2007 |
Terrorist Capabilities for Cyberattack |
Yes |
U.S. Government Report |
3.2.4 Terrorists,
3.3 Security Targets,
4.2.2 Incentives
|
| Romanosky et al. |
2008 |
Do Data Breach Disclosure Laws Reduce Identity Theft |
Yes |
Independent Report |
4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Rosenzweig, Paul |
2010 |
The Organization of the United States Government and Private Sector for Achieving Cyber Deterrence |
No |
Journal Article |
4.3 Supply Chain Issues,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| Rotenberg et. al. |
2010 |
The Cyber War Threat Has Been Grossly Exaggerated |
Yes |
Article |
3.1 The Threat and Skeptics,
3.2.1 States,
4.12 Cyberwar
|
| Rue, Rachel and Pfleeger, Shari Lawrence |
2009 |
Making the Best Use of Cybersecurity Economic Models |
Yes |
Journal Article |
4.1 Metrics,
4.2.1 Risk Management and Investment
|
| Santos, Joost R., et. al |
2007 |
A Framework for Linking Cybersecurity Metrics to the Modeling of Macroeconomic Interdependencies |
Yes |
Journal Article |
3.3.2 Private Critical Infrastructure,
4.1 Metrics
|
| Schmitt Michael N |
2002 |
Wired warfare: Computer network attack and jus in bello |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Schmitt Michael N |
2004 |
Direct Participation in Hostilities and 21st Century Armed Conflict |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Schmitt, Michael N. |
1999 |
Computer Network Attack and the Use of Force in International Law |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Schmitt, Michael N. |
2010 |
Cyber Operations in International Law: The Use of Force, Collective Security, Self-Defense, and Armed Conflicts |
No |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Schmitt, Michael N., et. al |
2004 |
Computers and War |
Yes |
Independent Report |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| Schneidewind, Norman |
2010 |
Metrics for Mitigating Cybersecurity Threats to Networks |
Yes |
Journal Article |
4.1 Metrics
|
| Schneier, Bruce |
2003 |
Beyond Fear |
Yes |
Book |
3.2 Actors and Incentives,
4.5 Psychology and Politics,
5.6 Deterrence
|
| Schneier, Bruce |
2008 |
Schneier on Security |
Yes |
Book |
3.2 Actors and Incentives,
4.4 Usability/Human Factors,
5.1 Regulation/Liability
|
| Schwartz, Paul |
2007 |
Notification of Data Security Breaches |
Yes |
Journal Article |
4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Secretary of the Air Force |
2011-07-27 |
Legal Reviews of Weapons and Cyber Capabilities |
No |
U.S. Government Report |
4.12 Cyberwar,
5.3 Government Organizations,
5.5 International Law (including Laws of War)
|
| Shackelford, Scott J. |
2010 |
Estonia Three Years Later |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar
|
| Shah, Shashi K. |
2004 |
The Evolving Landscape of Maritime Cybersecurity |
Yes |
Journal Article |
3.3.1 Public Critical Infrastructure,
3.3.2.3 Transportation
|
| Sklerov, Matthew J. |
2009 |
Solving the Dilemma of State Responses to Cyberattacks |
Yes |
Journal Article |
3.2.1 States,
4.8 Attribution,
5.5 International Law (including Laws of War)
|
| Sofaer, Abraham; Clark, David; and Diffie, Whitfield |
2010 |
Cyber Security and International Cooperation |
No |
Journal Article |
5.1 Regulation/Liability,
5.4 International Cooperation,
5.5 International Law (including Laws of War)
|
| Software and Information Industry Association (SAII) |
2011-07-26 |
Guide to Cloud Computing for Policy Makers |
No |
Independent Report |
3.3.3.3 Cloud Computing,
5.1 Regulation/Liability,
5.7 Technology
|
| Stohl, Michael |
2006 |
Cyber Terrorism |
Yes |
Journal Article |
3.2.3 Hacktivists,
3.2.4 Terrorists,
4.5 Psychology and Politics
|
| Stuart Madnick et al. |
2009 |
Experiences and Challenges with Using CERT Data to Analyze International Cyber Security |
Yes |
Journal Article |
4.6 Information Sharing/Disclosure,
5.4 International Cooperation
|
| Swire, Peter P. |
2004 |
A Model for When Disclosure Helps Security |
Yes |
Journal Article |
4.2.2 Incentives,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Swire, Peter P. |
2006 |
A Theory of Disclosure for Security and Competitive Reasons |
Yes |
Journal Article |
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| Symantec |
2011-10-24 |
W32.Duqu: The Precursor to the Next Stuxnet |
No |
Industry Report |
3. Threats and Actors,
5.7 Technology
|
| Symantec Corporation |
2010 |
Symantec Global Internet Security Threat Report |
Yes |
Industry Report |
3.3.2.2 Financial Institutions and Networks,
4.2 Economics of Cybersecurity,
4.11 Cybercrime
|
| Telang, Rahul |
2007 |
Impact of Software Vulnerability Announcements on the Market Value of Software Vendors |
Yes |
Journal Article |
4.1 Metrics,
4.2 Economics of Cybersecurity,
4.6 Information Sharing/Disclosure
|
| Theohary, Catherine A. and Rollins, John |
2010 |
Cybersecurity: Current Legislation, Executive Branch Initiatives, and Options for Congress |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| Thom, Maxie |
2006 |
Information Warfare Arms Control: Risks and Costs |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5. Approaches
|
| Thomas, Rob |
2006 |
The Underground Economy |
Yes |
Journal Article |
3.2.5 Criminals and Criminal Organizations,
3.3.2.2 Financial Institutions and Networks,
4.11 Cybercrime
|
| Threat Level Blog (Wired) |
2010-12-27 |
A Four-Day Dive Into Stuxnet’s Heart |
No |
Independent Report |
3. Threats and Actors,
5.7 Technology
|
| Todd, Graham H. |
2009 |
Armed Attack in Cyberspace |
Yes |
Journal Article |
3.2.1 States,
4.8 Attribution,
5.5 International Law (including Laws of War)
|
| Trend Micro Incorporated |
2010 |
Trend Micro Annual Report |
Yes |
Industry Report |
4.11 Cybercrime
|
| U.S. Air Force |
2010-07-15 |
Cyberspace Operations: Air Force Doctrine Document 3-12 |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
4.12 Cyberwar,
5.3 Government Organizations
|
| U.S. Army War College |
2011-05-09 |
Cyber Infrastructure Protection |
No |
U.S. Government Report |
|
| U.S. Army War College, Strategy Research Project |
2011-03-24 |
China’s Cyber Power and America’s National Security |
No |
U.S. Government Report |
3.2.1 States,
4.13 Espionage,
5.3 Government Organizations
|
| U.S. Department of Energy, Infrastructure Security and Energy Restoration |
2007-01-01 |
21 Steps to Improve Cyber Security of SCADA Networks |
No |
U.S. Government Report |
3.3 Security Targets,
5.3 Government Organizations,
5.7 Technology
|
| U.S. Deputy Secretary of Defense, William J. Lynn (Foreign Affairs) |
2010-009 |
Defending a New Domain |
No |
U.S. Government Report |
|
| U.S. House Committee on Appropriations (closed/classified) (Subcommittee on Energy and Power) |
2011-03-31 |
Budget Hearing - National Protection and Programs Directorate, Cybersecurity and Infrastructure Protection Programs |
No |
U.S. Government Hearing |
4.2 Economics of Cybersecurity,
5.3 Government Organizations
|
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-02-11 |
What Should the Department of Defense’s Role in Cyber Be? |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
4.12 Cyberwar,
5.3 Government Organizations
|
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-03-16 |
2012 Budget Request from U.S. Cyber Command |
No |
U.S. Government Hearing |
3.3.1.2 Military Networks (.mil),
4.2 Economics of Cybersecurity
|
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-11-03 |
Institutionalizing Irregular Warfare Capabilities |
No |
U.S. Government Hearing |
4.12 Cyberwar
|
| U.S. House Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2012-03-20 |
Fiscal 2013 Defense Authorization: IT and Cyber Operations |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment,
5.3 Government Organizations
|
| U.S. House Committee on Energy and Commerce |
2011-05-31 |
Protecting the Electric Grid: the Grid Reliability and Infrastructure Defense Act |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce, Manufacturing, and Trade) |
2011-06-02 |
Sony and Epsilon: Lessons for Data Security Legislation |
No |
U.S. Government Hearing |
4.9 Identity Management,
5.1 Regulation/Liability,
5.2 Private Efforts/Organizations
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Commerce,Trade and Manufacturing) |
2011-06-15 |
Discussion Draft of H.R. ___, a bill to require greater protection for sensitive consumer data and timely notification in case of breach |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure,
4.10 Privacy,
5.1 Regulation/Liability
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) |
2012-03-07 |
Cybersecurity:Networks The Pivotal Role of Communications |
No |
U.S. Government Hearing |
3.3.3 Communications,
5.3 Government Organizations,
5.7 Technology
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Communications and Technology) |
2012-03-28 |
Cybersecurity:Threats to Communications Networks and Public-Sector Responses |
No |
U.S. Government Hearing |
3.3.3 Communications,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2011-07-26 |
Cybersecurity: Infrastructure An Overview of Risks to Critical |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2012-02-28 |
Critical Infrastructure Cybersecurity: Assessments of Smart Grid Security |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas,
4.2.1 Risk Management and Investment
|
| U.S. House Committee on Energy and Commerce (Subcommittee on Oversight and Investigations) |
2012-03-27 |
IT Supply Chain Security: Review of Government and Industry Efforts |
No |
U.S. Government Hearing |
4.3 Supply Chain Issues
|
| U.S. House Committee on Financial Services (field hearing in Hoover, AL) |
2011-06-29 |
Field Hearing: Hacked Off: Helping Law Enforcement Protect Private Financial Information |
No |
U.S. Government Hearing |
3.3.2.2 Financial Institutions and Networks,
5.1 Regulation/Liability
|
| U.S. House Committee on Financial Services (Subcommittee on Financial Institutions and Consumer Credit) |
2011-09-14 |
Combating Cybercriminals |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov),
3.3.2.2 Financial Institutions and Networks,
5.7 Government Organizations
|
| U.S. House Committee on Foreign Affairs (Subcommittee on Oversight and Investigations) |
2011-04-15 |
Communist Chinese Cyber-Attacks, Cyber-Espionage and Theft of American Technology |
No |
U.S. Government Hearing |
3.2.1 States,
4.12 Cyberwar,
4.13 Espionage
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) |
2012-04-19 |
The DHS and DOE National Labs: Finding Efficiencies and Optimizing Outputs in Homeland Security Research and Development |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment,
5.3 Government Organizations,
5.7 Technology
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies and Counterterrorism and Intelligence) |
2012-04-26 |
Iranian Cyber Threat to U.S. Homeland |
No |
U.S. Government Hearing |
3.2.1 States,
3.3 Security Targets,
4.12 Cyberwar
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-02-11 |
Preventing Chemical Terrorism: Building a Foundation of Security at Our Nation’s Chemical Facilities |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure,
5.1 Regulation/Liability,
5.7 Technology
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-03-16 |
Examining the Cyber Threat to Critical Infrastructure and the American Economy |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
3.3 Security Targets,
4.2 Economics of Cybersecurity
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-04-15 |
DHS Cybersecurity Mission: Promoting Innovation and Securing Critical Infrastructure |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-06-24 |
Examining the Homeland Security Impact of the Obama Administration’s Cybersecurity Proposal |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov),
4.9 Identity Management,
5.3 Government Organizations
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2011-12-06 |
Hearing on Draft Legislative Proposal on Cybersecurity |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies) |
2012-02-01 |
Consideration and Markup of H.R. 3674 |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection and Security Technology) |
2011-10-06 |
Cloud Computing: What are the Security Implications? |
No |
U.S. Government Hearing |
3.3.3.3 Cloud Computing,
4.13 Espionage,
5.3 Government Organizations
|
| U.S. House Committee on Homeland Security (Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies) |
2011-05-26 |
Unlocking the SAFETY Act’s Potential to Promote Technology and Combat Terrorism |
No |
U.S. Government Hearing |
4.11 Cybercrime,
5.1 Regulation/Liability,
5.7 Technology
|
| U.S. House Committee on Homeland Security (Subcommittee on Oversight, Investigations and Management) |
2012-04-24 |
America is Under Cyber Attack: Why Urgent Action is Needed |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
3.2 Actors and Incentives
|
| U.S. House Committee on Oversight and Government Reform |
2011-07-07 |
Cybersecurity: Assessing the Nation’s Ability to Address the Growing Cyber Threat |
No |
U.S. Government Hearing |
3.3 Security Targets,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| U.S. House Committee on Oversight and Government Reform (Subcommittee on National Security, Homeland Defense and Foreign Operations) |
2011-05-25 |
Cybersecurity: Assessing the Immediate Threat to the United States |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
3.3.1 Public Critical Infrastructure,
4.7 Public-Private Cooperation
|
| U.S. House Committee on Science, Space and Technology |
2011-07-21 |
Markup on H.R. 2096, Cybersecurity Enhancement Act of 2011 |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability,
5.7 Technology
|
| U.S. House Committee on Science, Space and Technology (Subcommittee on Research and Science Education) |
2011-05-25 |
Protecting Information in the Digital Age: Federal Cybersecurity Research and Development Efforts |
No |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov),
5.3 Government Organizations,
5.7 Technology
|
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Investigations and Oversight) |
2012-02-29 |
NASA Cybersecurity: An Examination of the Agency’s Information Security |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
|
| U.S. House Committee on Science, Space, and Technology (Subcommittee on Technology and Innovation) |
2011-09-21 |
The Cloud Computing Outlook |
No |
U.S. Government Hearing |
3.3.3.3 Cloud Computing,
4.7 Public-Private Cooperation,
5.1 Regulation/Liability
|
| U.S. House Committee on Small Business (Subcommittee on Healthcare and Technology) |
2011-12-01 |
Cyber Security: Protecting Your Small Business |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment,
5.1 Regulation/Liability
|
| U.S. House Committee on the Judiciary |
2011-11-16 |
Combating Online Piracy (H.R. 3261, Stop the Online Piracy Act) |
No |
U.S. Government Hearing |
4.11 Cybercrime,
5.1 Regulation/Liability
|
| U.S. House Committee on the Judiciary (Subcommittee on Crime, Terrorism and Homeland Security) |
2011-11-15 |
Cybersecurity: Protecting America’s New Frontier |
No |
U.S. Government Hearing |
4.10 Privacy,
4.11 Cybercrime
|
| U.S. House Committee on the Judiciary (Subcommittee on Intellectual Property, Competition and the Internet) |
2011-05-25 |
Cybersecurity: Problems Innovative Solutions to Challenging |
No |
U.S. Government Hearing |
4.7 Public-Private Cooperation,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
|
| U.S. House Permenant Select Committee on Intelligence |
2011-02-10 |
World Wide Threats |
No |
U.S. Government Hearing |
3.1 The Threat and Skeptics,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| U.S. House Permenant Select Committee on Intelligence |
2011-10-04 |
Cyber Threats and Ongoing Efforts to Protect the Nation |
No |
U.S. Government Hearing |
4.7 Public-Private Cooperation,
4.13.2 Industrial Espionage,
5.4 International Cooperation
|
| U.S. House Permenant Select Committee on Intelligence |
2011-12-01 |
Markup: Draft Bill: Cyber Intelligence Sharing and Protection Act of 2011 |
No |
U.S. Government Hearing |
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| U.S. Navy |
2010-06-17 |
DON (Department of the Navy) Cybersecurity/Information Assurance Workforce Management, Oversight and Compliance |
No |
U.S. Government Report |
3.3.1.2 Military Networks (.mil),
5.3 Government Organizations
|
| U.S. Senate Committee on Armed Services |
2012-03-27 |
To receive testimony on U.S. Strategic Command and U.S. Cyber Command in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program. |
No |
U.S. Government Hearing |
3.2.1 States,
4.2 Economics of Cybersecurity,
4.12 Cyberwar
|
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2011-05-03 |
To receive testimony on the health and status of the defense industrial base and its science and technology-related elements |
No |
U.S. Government Hearing |
3.3.1.2 Military Networks (.mil),
4.3 Supply Chain Issues,
5.3 Government Organizations
|
| U.S. Senate Committee on Armed Services (Subcommittee on Emerging Threats and Capabilities) |
2012-03-20 |
To receive testimony on cybersecurity research and development in review of the Defense Authorization Request for Fiscal Year 2013 and the Future Years Defense Program |
No |
U.S. Government Hearing |
4.2.1 Risk Management and Investment,
4.12 Cyberwar,
5.3 Government Organizations
|
| U.S. Senate Committee on Banking, Housing and Urban Affairs |
2011-06-21 |
Cybersecurity and Data Protection in the Financial Sector |
No |
U.S. Government Hearing |
3.3.2.2 Financial Institutions and Networks,
4.10 Privacy,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Commerce, Science and Transportation |
2011-06-29 |
Privacy and Data Security: Protecting Consumers in the Modern World |
No |
U.S. Government Hearing |
4.9 Identity Management,
4.10 Privacy,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Energy and Natural Resources |
2011-03-15 |
[ Cybersecurity and Critical Electric Infrastructure (closed)] |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas
|
| U.S. Senate Committee on Energy and Natural Resources |
2011-05-05 |
Cybersecurity of the Bulk-Power System and Electric Infrastructure |
No |
U.S. Government Hearing |
3.3.2.1 Electricity, Oil and Natural Gas,
4.7 Public-Private Cooperation
|
| U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-02-17 |
Homeland Security Department’s Budget Submission for Fiscal Year 2012 |
No |
U.S. Government Hearing |
|
| U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-03-10 |
Information Sharing in the Era of WikiLeaks: Balancing Security and Collaboration |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| U.S. Senate Committee on Homeland Security and Governmental Affairs |
2011-05-23 |
Protecting Cyberspace: Assessing the White House Proposal |
No |
U.S. Government Hearing |
3.3 Security Targets,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Homeland Security and Governmental Affairs |
2012-02-16 |
Securing America’s Future: The Cybersecurity Act of 2012 |
No |
U.S. Government Hearing |
3.3.2 Private Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Judiciary |
2011-03-30 |
Oversight of the Federal Bureau of Investigation |
No |
U.S. Government Hearing |
3. Threats and Actors,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| U.S. Senate Committee on Judiciary |
2011-09-07 |
Cybercrime: Updating the Computer Fraud and Abuse Act to Protect Cyberspace and Combat Emerging Threats |
No |
U.S. Government Hearing |
3.11 Cybercrime,
4.13.2 Industrial Espionage,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Judiciary |
2012-03-13 |
The Freedom of Information Act: Safeguarding Critical Infrastructure Information and the Public’s Right to Know |
No |
U.S. Government Hearing |
3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) |
2011-04-12 |
Cyber Security: Responding to the Threat of Cyber Crime and Terrorism |
No |
U.S. Government Hearing |
4.11 Cybercrime,
5.1 Regulation/Liability
|
| U.S. Senate Committee on Judiciary (Subcommittee on Crime and Terrorism) |
2011-06-21 |
Cybersecurity: Evaluating the Administration’s Proposals |
No |
U.S. Government Hearing |
1. Overview,
5.1 Regulation/Liability,
5.3 Government Organizations
|
| U.S. Senate Committee on Small Business and Entrepreneurship |
2011-07-25 |
Role of Small Business in Strengthening Cybersecurity Efforts in the United States |
No |
U.S. Government Hearing |
4.2.2 Incentives,
4.7 public-Private Cooperation
|
| United States Secret Service |
2004 |
Insider Threat Study |
Yes |
U.S. Government Report |
3.3.2.2 Financial Institutions and Networks,
4.2.2 Incentives,
4.4 Usability/Human Factors
|
| University of Southern California (USC) Information Sciences Institute, University of California Berkeley (UCB), McAfee Research |
2011-01-13 |
Design of the DETER Security Testbed |
No |
Independent Report |
5.3 Government Organizations,
5.7 Technology
|
| van Eeten, Michael and Bauer, Johannes M. |
2009 |
Emerging Threats to Internet Security: Incentives, Externalities and Policy Implications |
Yes |
Journal Article |
3.3.1.1 Government Networks (.gov),
4.2 Economics of Cybersecurity,
4.11 Cybercrime
|
| van Eeten, Michel J. G. |
2008 |
Economics of Malware |
Yes |
Non-U.S. Government Report |
4.2 Economics of Cybersecurity
|
| Varian, Hal |
2000 |
Managing Online Security Risks |
Yes |
Article |
4.2 Economics of Cybersecurity,
4.2.1 Risk Management and Investment
|
| Varian, Hal |
2004 |
System Reliability and Free Riding |
Yes |
Book |
4.2 Economics of Cybersecurity
|
| Vatis, Michael A. |
2010 |
The Council of Europe Convention on Cybercrime |
No |
Journal Article |
4.11 Cybercrime,
5.5 International Law (including Laws of War),
5.6 Deterrence
|
| Verizon |
2010 |
2010 Data Breach Investigations Report |
Yes |
Industry Report |
3.3.2.2 Financial Institutions and Networks,
4.11 Cybercrime,
5.2 Private Efforts/Organizations
|
| Watts, Sean |
2010 |
Combatant Status and Computer Network Attack |
Yes |
Journal Article |
3.2.1 States,
4.12 Cyberwar,
5.5 International Law (including Laws of War)
|
| White House |
2009 |
Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure |
No |
U.S. Government Report |
1. Overview,
4.7 Public-Private Cooperation
|
| White House |
2011-04 |
National Strategy for Trusted Identities in Cyberspace: Enhancing Online Choice, Efficiency, Security, and Privacy |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management
|
| White House |
2011-05 |
International Strategy for Cyberspace: Prosperity, Security, and Openness in a Networked World |
No |
U.S. Government Report |
1. Overview
|
| White House |
2012-01 |
National Strategy for Global Supply Chain Security |
No |
U.S. Government Report |
4.3 Supply Chain Issues
|
| White House |
2012-02 |
Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy |
No |
U.S. Government Report |
4.10 Privacy,
5.1 Regulation/Liability
|
| White House |
2010-12-16 |
Designing A Digital Future: Federally Funded Research And Development In Networking And Information Technology |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
4. Issues,
5. Approaches
|
| White House |
2011-02-13 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
|
| White House |
2011-04-15 |
Administration Releases Strategy to Protect Online Consumers and Support Innovation and Fact Sheet on National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| White House |
2011-04-15 |
National Strategy for Trusted Identities in Cyberspace |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| White House |
2003 |
The National Strategy to Secure Cyberspace |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.3 Government Organizations,
5.4 International Cooperation
|
| White House |
2009 |
Cyberspace Policy Review |
Yes |
U.S. Government Report |
4.7 Public-Private Cooperation,
5.2 Private Efforts/Organizations,
5.3 Government Organizations
|
| White House |
2010 |
The Comprehensive National Cybersecurity Initiative |
Yes |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
3.3.2 Private Critical Infrastructure,
5.3 Government Organizations
|
| White House (Office of Science & Technology Policy) |
2010-12-06 |
Partnership for Cybersecurity Innovation |
No |
U.S. Government Report |
3.3.2.2 Financial Institutions and Networks,
4.7 Public-Private Cooperation,
5.3 Government Organizations
|
| White House/Office of Management and Budget (OMB) |
2011-12-08 |
Security Authorization of Information Systems in Cloud Computing Environments (FedRAMP) |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations
|
| White House/OMB |
2009-05-29 |
Cyberspace Policy Review: Assuring a Trusted and Resilient Communications Infrastructure |
No |
U.S. Government Report |
4. Issues,
5. Approaches
|
| White House/OMB |
2010-03-02 |
Comprehensive National Cybersecurity Initiative (CNCI) |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
5.3 Government Organizations,
5.7 Technology
|
| White House/OMB |
2010-06-25 |
The National Strategy for Trusted Identities in Cyberspace: Creating Options for Enhanced Online Security and Privacy |
No |
U.S. Government Report |
4.7 Public-Private Cooperation,
4.9 Identity Management,
5.3 Government Organizations
|
| White House/OMB |
2010-07-06 |
Clarifying Cybersecurity Responsibilities |
No |
U.S. Government Report |
5.3 Government Organizations
|
| White House/OMB |
2010-12-09 |
25 Point Implementation Plan to Reform Federal Information Technology Management |
No |
U.S. Government Report |
4.2 Economics of Cybersecurity,
5.3 Government Organizations,
5.7 Technology
|
| White House/OMB |
2011-02-13 |
Federal Cloud Computing Strategy |
No |
U.S. Government Report |
3.3.3.3 Cloud Computing,
5.3 Government Organizations,
5.7 Technology
|
| White House/OMB |
2011-05-12 |
Cybersecurity Legislative Proposal (Fact Sheet) |
No |
U.S. Government Report |
4. Issues,
5.3 Government Organizations
|
| White House/OMB |
2011-05-16 |
International Strategy for Cyberspace |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
5.3 Government Organizations,
5.4 International Cooperation
|
| White House/OMB |
2011-09-14 |
FY 2012 Reporting Instructions for the Federal Information Security Management Act and Agency Privacy Managementa |
No |
U.S. Government Report |
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| White House/OMB |
2011-10-07 |
Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information |
No |
U.S. Government Report |
3.3.1 Public Critical Infrastructure,
4.6 Information Sharing/Disclosure,
5.3 Government Organizations
|
| White House/OMB |
2011-12-06 |
Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program |
No |
U.S. Government Report |
5.3 Government Organizations,
5.7 Technology
|
| Wilshusen, Gregory C. and Powner, David A. |
2009 |
Continued Efforts Are Needed to Protect Information Systems from Evolving Threats |
Yes |
U.S. Government Hearing |
3.3.1.1 Government Networks (.gov),
5.1 Regulation/Liability,
5.3 Government Organizations
|
| Wilson, Clay |
2007-03-20 |
Information Operations, Electronic Warfare, and Cyberwar: Capabilities and Related Policy Issues |
No |
U.S. Government Report |
3.3 Security Targets,
4.12 Cyberwar
|
| Zittrain, Jonathan L. |
2008 |
The Future of the Internet and How To Stop It |
Yes |
Book |
4.4 Usability/Human Factors,
5.1 Regulation/Liability
|
| Centre for Secure Information Technologies |
2012 |
2nd World Cyber security Technology Research Summit (Belfast 2012) |
No |
Independent Report |
|
