chevron-down Created with Sketch Beta.
Resources

Other Resources

Domestic

Information Sharing

Legal Services Information Sharing and Analysis Organization (LS-ISAO)

Permanent Sites

Center for Internet Security (CIS) Controls

Cyber Threat Alliance

Data Law Insights Blog (Crowell Moring)

Legal Cloud Computing Association Security Standards

MANDIANT Intelligence Center Reports

National Conference of State Legislatures Task Force on Cybersecurity

Okta Inc.: Checklist: 12 Key Steps for Protection Against Data Breaches

2024

Report and Recommendations to NYSBA House of Delegations (New York State Bar Association, Task Force on Artificial Intelligence)

2023 

Ransomware, extortion and the cyber crime ecosystem (National Cyber Security Centre)

2022

Your Law Firm Has Been Breached: Who Are You Going To Call? (Above the Law)

2021

The Coming AI Hackers (Harvard Kennedy School Belfer Center for Science and International Affairs)

State of Cybersecurity 2021: Cyber Field Thriving Despite Pandemic (ISACA)

2020

Top Cybersecurity Resources for Students and Professionals (Purdue University Global)

2020 Data Breach Investigations Report (Verizon)

2020 Experian Data Breach Industry Forecast

2019

How Much Privacy Do You Have Online? (University of Dayton School of Law)

2019 Data Breach Investigations Report (Verizon)

Resources for Measuring Cybersecurity: A Partial Annotated Bibliography (R Street Institute)

Cyber Risk Assessment (Coalition)

How to Put Together a Knockout Data Security Plan (ColoCrossing)

2019 Experian Data Breach Industry Forecast

Cybersecurity Best Practices for Legal Professionals (Aimee O'Driscoll, Comparitech)

2018

Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War MITRE

The National Academies of Sciences, Engineering and Medicine Released New Report
NAS released an important and timely report on "Decrypting the Encryption Debate: A Framework for Decision Makers."

Aliens Invade New Mexico: Higher Education and Cybersecurity at a Crossroads
David M. Furr
Gray, Layton, Kersh, Solomon, Furr & Smith

2017

66 Ways to Protect Your Privacy Right Now
Consumer Reports

Model Information Protection and Security Controls for Outside Counsel Possessing Company Confidential Information
Association of Corporate Counsel

Internet Security Threat Report (ISTR) April 2017
Symantec

Avoiding the Bullseye: Cybersecurity Lessons from the Target Litigation
David M. Furr
Gray, Layton, Kersh, Solomon, Furr & Smith

Legal Bulletin: Internet Scams Targeting Attorneys
USI Affinity 

Phishing in Troubled Waters: Confronting Cyber Espionage Across the Pacific and Strait of Taiwan
Center for a New American Security

From Awareness to Action: A Cybersecurity Agenda for the 45th President
Center for Strategic & International Studies

2016

Cyber-Risk Oversight Director's Handbook 2016
National Association of Corporate Directors

Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats
The George Washington University: Center for Cyber & Homeland Security

Purchasers' Guide to Cyber Insurance Products
Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security, American Bankers Association

2015

"What Will You Do When Your Law Firm Is Breached?"
by Sharon D. Nelson & John W. Simek, Law Practice Magazine

Survey of the Law of Cyberspace: An Introduction
John A. Rothchild 
The Business Lawyer, Winter 2015-2016

Job Market Intelligence: Cybersecurity Jobs
Burning Glass, 2015

2013

The Report of the Commission on the Theft of American Intellectual Property The National Bureau of Asian Research

Internet Security Threat Report (2013) Appendix and Supplemental Data
Symantec

Adequate Attribution: A Framework for Developing a National Policy for Private Sector Use of Active Defense
Shane McGee, Randy V. Sabett and Anand Shah
Journal of Business & Technology Law

Active Defense Resources
Louisa K. Marion
Crowell & Moring LLP

Reconsidering Deterrence in Cyberspace
James Andrew Lewis
CSIS

Low-level cyberattacks are common but truly damaging ones are rare
James Andrew Lewis
Washington Post

Creating the Demand Curve for Cybersecurity
Melissa Hathaway

Falling Prey to Cybercrime: Implications for Business and the Economy
Melissa Hathaway

A "Drone Court": some pros and cons
Center on National Security, Fordham Law School - Speech by Jeh Johnson, March 18, 2013

Calling General Counsel to the Front Lines of Cybersecurity
Corporate Counsel by Sue Reisinger, February 2013

2012

Leadership and Responsibility for Cybersecurity
Melissa Hathaway

Stewardship of Cyberspace - Duties for Internet Service Providers
Melissa Hathaway & John Savage

Cybersecurity: The Corporate Counsel's Agenda
Harriet Pearson, December 2012
Privacy and Security Law Report

The Hackback Debate
Stewart Baker and Orin Kerr, November 2012
The vulnerability of computer networks to hacking grows more troubling every year. No network is safe, and hacking has evolved from an obscure hobby to a major national security concern. Yet few cyberspies or cybercriminals have been caught and punished. Law enforcement is overwhelmed both by the number of attacks and by the technical unfamiliarity of the crimes. Can the victims of hacking take more action to protect themselves? Can they hack back and mete out their own justice?

Governance of Enterprise Security: CyLab Report 2012
Jody Westby, May 2012 
A report on how boards and senior executives are managing cyber risks.

2012 Data Breach Investigations Report
Verizon, March 2012
A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting and Information Security Service, Police Central e-Crime Unit, and the U.S. Secret Service.

Five Strategies for Countering Cyber Threats
Government Executive, 2012
A study that highlights five key public service efforts under way to strengthen cybersecurity.

2010

Journal of National Security Law & Policy - Cybersecurity (Winter 2010, Vol. 4 No. 1)
This issue contributes to the national debate on cyber-related issues by supplying some of the missing pieces of the discussion, focusing on the largest and most difficult sub-set: cybersecurity.

International

2021

Integrating Cyber Capacity into the Digital Development Agenda (Global Forum on Cyber Expertise)

2020

What does 'Schrems II' mean for EU-UK data flows? International Association of Privacy Professionals, July 2020

2017

The Tallinn Manual 2.0
Prepared by the International Groups of Experts at the Invitation of the NATO Cooperative Cyber Defense Center of Excellence

2013

The Tallinn Manual on the International Law Applicable to Cyber Warfare
Edited by Michael N. Schmitt, NATO Cooperative Cyber Defence Centre of Excellence

Cybersecurity: A View From the Front
New York Times by Toomas Hendrik Ilves, April 11, 2013

Exposing One of China’s Cyber Espionage Units 
Mandiant, February 2013
A report exposing a multi-year espionage campaign by one of the largest “Advanced Persistent Threat” (APT) groups that provides evidence linking one group, designated by Mandiant as APT1, to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Unit Cover Designator 61398). It details how it has systematically stolen confidential data from at least 141 organizations across multiple industries.

14 Global Cybersecurity Challenges for 2013
By David Gewirtz, January 2013
Cybercrime, cyberespionage, and straight out cyberattacks will increase in both frequency and ferocity over the next 12 months.The bottom line is 2013 will hurt. When it comes to cyber-preparedness, we are not in the best position. Getting our senior executives, politicians, friends, and family to pay attention and pay for security is perhaps our biggest challenge.

2012

Guidance on Data Security Breach Management Information Commissioner's Office

National Cyber Security Framework Manual   

Edited by Alexander Klimburg 
A manual published by NATO Cooperative Cyber Defence Centre of Excellence that provides detailed background  information and theoretical frameworks to help the reader understand the different  facets of national cyber security, according to different levels of public policy 
formulation.

E.U. Cyber Security Agency Lists Top Emerging Technology Threats
European Network and Information Security, September 2012
The top threats in emerging technology areas include "drive-by exploits," which is the injection of malicious code to exploit Web browser vulnerabilities, said the European Union's cyber security agency in a report issued Tuesday.

A Global Reality: Governmental Access to Data in the Cloud      
Hogan Lovells, May 2012 
A comparative analysis of ten international jurisdictions.

2008

Global Trends 2025: A Transformed World
National Intelligence Council & Office of the Director of National Intelligence, November 2008