chevron-down Created with Sketch Beta.
    Resources

    Other Resources

    Domestic

    Information Sharing

    Legal Services Information Sharing and Analysis Organization (LS-ISAO)

    Permanent Sites

    Center for Internet Security (CIS) Controls

    Cyber Threat Alliance

    Data Law Insights Blog
    Crowell Moring
    Legal Insights on Navigating Privacy, Data Protection, Cybersecurity, Information Governance and E-Discovery

    Legal Cloud Computing Association Security Standards

    MANDIANT Intelligence Center Reports

    National Conference of State Legislatures Task Force on Cybersecurity

    Okta Inc.: Checklist: 12 Key Steps for Protection Against Data Breaches

    Understanding Cybersecurity Threats in Law Practice
    Special Counsel

    2023 

    Ransomware, extortion and the cyber crime ecosystem (National Cyber Security Centre)

    2022

    Your Law Firm Has Been Breached: Who Are You Going To Call? (Above the Law)

    2021

    The Coming AI Hackers (Harvard Kennedy School Belfer Center for Science and International Affairs)

    State of Cybersecurity 2021: Cyber Field Thriving Despite Pandemic (ISACA)

    2020

    Top Cybersecurity Resources for Students and Professionals (Purdue University Global)

    2020 Data Breach Investigations Report (Verizon)

    2020 Experian Data Breach Industry Forecast

    2019

    How Much Privacy Do You Have Online? (University of Dayton School of Law)

    2019 Data Breach Investigations Report (Verizon)

    Resources for Measuring Cybersecurity: A Partial Annotated Bibliography (R Street Institute)

    Cyber Risk Assessment (Coalition)

    How to Put Together a Knockout Data Security Plan (ColoCrossing)

    2019 Experian Data Breach Industry Forecast

    Cybersecurity Best Practices for Legal Professionals (Aimee O'Driscoll, Comparitech)

    2018

    Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War MITRE

    The National Academies of Sciences, Engineering and Medicine Released New Report
    NAS released an important and timely report on "Decrypting the Encryption Debate: A Framework for Decision Makers."

    Aliens Invade New Mexico: Higher Education and Cybersecurity at a Crossroads
    David M. Furr
    Gray, Layton, Kersh, Solomon, Furr & Smith

    2017

    66 Ways to Protect Your Privacy Right Now
    Consumer Reports

    Model Information Protection and Security Controls for Outside Counsel Possessing Company Confidential Information
    Association of Corporate Counsel

    Internet Security Threat Report (ISTR) April 2017
    Symantec

    Avoiding the Bullseye: Cybersecurity Lessons from the Target Litigation
    David M. Furr
    Gray, Layton, Kersh, Solomon, Furr & Smith

    Legal Bulletin: Internet Scams Targeting Attorneys
    USI Affinity 

    Phishing in Troubled Waters: Confronting Cyber Espionage Across the Pacific and Strait of Taiwan
    Center for a New American Security

    From Awareness to Action: A Cybersecurity Agenda for the 45th President
    Center for Strategic & International Studies

    2016

    Cyber-Risk Oversight Director's Handbook 2016
    National Association of Corporate Directors

    Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats
    The George Washington University: Center for Cyber & Homeland Security

    2016 Cyber Insurance Buying Guide
    Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security, American Bankers Association

    2015

    "What Will You Do When Your Law Firm Is Breached?"
    by Sharon D. Nelson & John W. Simek, Law Practice Magazine

    Survey of the Law of Cyberspace: An Introduction
    John A. Rothchild 
    The Business Lawyer, Winter 2015-2016

    Job Market Intelligence: Cybersecurity Jobs
    Burning Glass, 2015

    2013

    The Report of the Commission on the Theft of American Intellectual Property The National Bureau of Asian Research

    Internet Security Threat Report (2013) Appendix and Supplemental Data
    Symantec

    Adequate Attribution: A Framework for Developing a National Policy for Private Sector Use of Active Defense
    Shane McGee, Randy V. Sabett and Anand Shah
    Journal of Business & Technology Law

    Active Defense Resources
    Louisa K. Marion
    Crowell & Moring LLP

    Reconsidering Deterrence in Cyberspace
    James Andrew Lewis
    CSIS

    Low-level cyberattacks are common but truly damaging ones are rare
    James Andrew Lewis
    Washington Post

    Creating the Demand Curve for Cybersecurity
    Melissa Hathaway

    Falling Prey to Cybercrime: Implications for Business and the Economy
    Melissa Hathaway

    A "Drone Court": some pros and cons
    Center on National Security, Fordham Law School - Speech by Jeh Johnson, March 18, 2013

    Calling General Counsel to the Front Lines of Cybersecurity
    Corporate Counsel by Sue Reisinger, February 2013

    2012

    Leadership and Responsibility for Cybersecurity
    Melissa Hathaway

    Stewardship of Cyberspace - Duties for Internet Service Providers
    Melissa Hathaway & John Savage

    Cybersecurity: The Corporate Counsel's Agenda
    Harriet Pearson, December 2012
    Privacy and Security Law Report

    The Hackback Debate
    Stewart Baker and Orin Kerr, November 2012
    The vulnerability of computer networks to hacking grows more troubling every year. No network is safe, and hacking has evolved from an obscure hobby to a major national security concern. Yet few cyberspies or cybercriminals have been caught and punished. Law enforcement is overwhelmed both by the number of attacks and by the technical unfamiliarity of the crimes. Can the victims of hacking take more action to protect themselves? Can they hack back and mete out their own justice?

    Governance of Enterprise Security: CyLab Report 2012
    Jody Westby, May 2012 
    A report on how boards and senior executives are managing cyber risks.

    2012 Data Breach Investigations Report
    Verizon, March 2012
    A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting and Information Security Service, Police Central e-Crime Unit, and the U.S. Secret Service.

    Five Strategies for Countering Cyber Threats
    Government Executive, 2012
    A study that highlights five key public service efforts under way to strengthen cybersecurity.

    2010

    Journal of National Security Law & Policy - Cybersecurity (Winter 2010, Vol. 4 No. 1)
    This issue contributes to the national debate on cyber-related issues by supplying some of the missing pieces of the discussion, focusing on the largest and most difficult sub-set: cybersecurity.

    International

    2021

    Integrating Cyber Capacity into the Digital Development Agenda (Global Forum on Cyber Expertise)

    2020

    What does 'Schrems II' mean for EU-UK data flows? International Association of Privacy Professionals, July 2020

    2017

    The Tallinn Manual 2.0
    Prepared by the International Groups of Experts at the Invitation of the NATO Cooperative Cyber Defense Center of Excellence

    2013

    The Tallinn Manual on the International Law Applicable to Cyber Warfare
    Edited by Michael N. Schmitt, NATO Cooperative Cyber Defence Centre of Excellence

    Cybersecurity: A View From the Front
    New York Times by Toomas Hendrik Ilves, April 11, 2013

    Exposing One of China’s Cyber Espionage Units 
    Mandiant, February 2013
    A report exposing a multi-year espionage campaign by one of the largest “Advanced Persistent Threat” (APT) groups that provides evidence linking one group, designated by Mandiant as APT1, to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Unit Cover Designator 61398). It details how it has systematically stolen confidential data from at least 141 organizations across multiple industries.

    14 Global Cybersecurity Challenges for 2013
    By David Gewirtz, January 2013
    Cybercrime, cyberespionage, and straight out cyberattacks will increase in both frequency and ferocity over the next 12 months.The bottom line is 2013 will hurt. When it comes to cyber-preparedness, we are not in the best position. Getting our senior executives, politicians, friends, and family to pay attention and pay for security is perhaps our biggest challenge.

    2012

    Guidance on Data Security Breach Management Information Commissioner's Office

    National Cyber Security Framework Manual   

    Edited by Alexander Klimburg 
    A manual published by NATO Cooperative Cyber Defence Centre of Excellence that provides detailed background  information and theoretical frameworks to help the reader understand the different  facets of national cyber security, according to different levels of public policy 
    formulation.

    E.U. Cyber Security Agency Lists Top Emerging Technology Threats
    European Network and Information Security, September 2012
    The top threats in emerging technology areas include "drive-by exploits," which is the injection of malicious code to exploit Web browser vulnerabilities, said the European Union's cyber security agency in a report issued Tuesday.

    A Global Reality: Governmental Access to Data in the Cloud      
    Hogan Lovells, May 2012 
    A comparative analysis of ten international jurisdictions.

    2008

    Global Trends 2025: A Transformed World
    National Intelligence Council & Office of the Director of National Intelligence, November 2008