chevron-down Created with Sketch Beta.

Other Resources


Information Sharing

Legal Services Information Sharing and Analysis Organization (LS-ISAO)

Permanent Sites

Center for Internet Security (CIS) Controls

Cyber Threat Alliance

Data Law Insights Blog
Crowell Moring
Legal Insights on Navigating Privacy, Data Protection, Cybersecurity, Information Governance and E-Discovery

Legal Cloud Computing Association Security Standards

MANDIANT Intelligence Center Reports

National Conference of State Legislatures Task Force on Cybersecurity

Okta Inc.: Checklist: 12 Key Steps for Protection Against Data Breaches

Understanding Cybersecurity Threats in Law Practice
Special Counsel


Report and Recommendations to NYSBA House of Delegations (New York State Bar Association, Task Force on Artificial Intelligence)


Ransomware, extortion and the cyber crime ecosystem (National Cyber Security Centre)


Your Law Firm Has Been Breached: Who Are You Going To Call? (Above the Law)


The Coming AI Hackers (Harvard Kennedy School Belfer Center for Science and International Affairs)

State of Cybersecurity 2021: Cyber Field Thriving Despite Pandemic (ISACA)


Top Cybersecurity Resources for Students and Professionals (Purdue University Global)

2020 Data Breach Investigations Report (Verizon)

2020 Experian Data Breach Industry Forecast


How Much Privacy Do You Have Online? (University of Dayton School of Law)

2019 Data Breach Investigations Report (Verizon)

Resources for Measuring Cybersecurity: A Partial Annotated Bibliography (R Street Institute)

Cyber Risk Assessment (Coalition)

How to Put Together a Knockout Data Security Plan (ColoCrossing)

2019 Experian Data Breach Industry Forecast

Cybersecurity Best Practices for Legal Professionals (Aimee O'Driscoll, Comparitech)


Deliver Uncompromised: A Strategy for Supply Chain Security and Resilience in Response to the Changing Character of War MITRE

The National Academies of Sciences, Engineering and Medicine Released New Report
NAS released an important and timely report on "Decrypting the Encryption Debate: A Framework for Decision Makers."

Aliens Invade New Mexico: Higher Education and Cybersecurity at a Crossroads
David M. Furr
Gray, Layton, Kersh, Solomon, Furr & Smith


66 Ways to Protect Your Privacy Right Now
Consumer Reports

Model Information Protection and Security Controls for Outside Counsel Possessing Company Confidential Information
Association of Corporate Counsel

Internet Security Threat Report (ISTR) April 2017

Avoiding the Bullseye: Cybersecurity Lessons from the Target Litigation
David M. Furr
Gray, Layton, Kersh, Solomon, Furr & Smith

Legal Bulletin: Internet Scams Targeting Attorneys
USI Affinity 

Phishing in Troubled Waters: Confronting Cyber Espionage Across the Pacific and Strait of Taiwan
Center for a New American Security

From Awareness to Action: A Cybersecurity Agenda for the 45th President
Center for Strategic & International Studies


Cyber-Risk Oversight Director's Handbook 2016
National Association of Corporate Directors

Into the Gray Zone: The Private Sector and Active Defense against Cyber Threats
The George Washington University: Center for Cyber & Homeland Security

2016 Cyber Insurance Buying Guide
Financial Services Sector Coordinating Council for Critical Infrastructure Protection and Homeland Security, American Bankers Association


"What Will You Do When Your Law Firm Is Breached?"
by Sharon D. Nelson & John W. Simek, Law Practice Magazine

Survey of the Law of Cyberspace: An Introduction
John A. Rothchild 
The Business Lawyer, Winter 2015-2016

Job Market Intelligence: Cybersecurity Jobs
Burning Glass, 2015


The Report of the Commission on the Theft of American Intellectual Property The National Bureau of Asian Research

Internet Security Threat Report (2013) Appendix and Supplemental Data

Adequate Attribution: A Framework for Developing a National Policy for Private Sector Use of Active Defense
Shane McGee, Randy V. Sabett and Anand Shah
Journal of Business & Technology Law

Active Defense Resources
Louisa K. Marion
Crowell & Moring LLP

Reconsidering Deterrence in Cyberspace
James Andrew Lewis

Low-level cyberattacks are common but truly damaging ones are rare
James Andrew Lewis
Washington Post

Creating the Demand Curve for Cybersecurity
Melissa Hathaway

Falling Prey to Cybercrime: Implications for Business and the Economy
Melissa Hathaway

A "Drone Court": some pros and cons
Center on National Security, Fordham Law School - Speech by Jeh Johnson, March 18, 2013

Calling General Counsel to the Front Lines of Cybersecurity
Corporate Counsel by Sue Reisinger, February 2013


Leadership and Responsibility for Cybersecurity
Melissa Hathaway

Stewardship of Cyberspace - Duties for Internet Service Providers
Melissa Hathaway & John Savage

Cybersecurity: The Corporate Counsel's Agenda
Harriet Pearson, December 2012
Privacy and Security Law Report

The Hackback Debate
Stewart Baker and Orin Kerr, November 2012
The vulnerability of computer networks to hacking grows more troubling every year. No network is safe, and hacking has evolved from an obscure hobby to a major national security concern. Yet few cyberspies or cybercriminals have been caught and punished. Law enforcement is overwhelmed both by the number of attacks and by the technical unfamiliarity of the crimes. Can the victims of hacking take more action to protect themselves? Can they hack back and mete out their own justice?

Governance of Enterprise Security: CyLab Report 2012
Jody Westby, May 2012 
A report on how boards and senior executives are managing cyber risks.

2012 Data Breach Investigations Report
Verizon, March 2012
A study conducted by the Verizon RISK Team with cooperation from the Australian Federal Police, Dutch National High Tech Crime Unit, Irish Reporting and Information Security Service, Police Central e-Crime Unit, and the U.S. Secret Service.

Five Strategies for Countering Cyber Threats
Government Executive, 2012
A study that highlights five key public service efforts under way to strengthen cybersecurity.


Journal of National Security Law & Policy - Cybersecurity (Winter 2010, Vol. 4 No. 1)
This issue contributes to the national debate on cyber-related issues by supplying some of the missing pieces of the discussion, focusing on the largest and most difficult sub-set: cybersecurity.



Integrating Cyber Capacity into the Digital Development Agenda (Global Forum on Cyber Expertise)


What does 'Schrems II' mean for EU-UK data flows? International Association of Privacy Professionals, July 2020


The Tallinn Manual 2.0
Prepared by the International Groups of Experts at the Invitation of the NATO Cooperative Cyber Defense Center of Excellence


The Tallinn Manual on the International Law Applicable to Cyber Warfare
Edited by Michael N. Schmitt, NATO Cooperative Cyber Defence Centre of Excellence

Cybersecurity: A View From the Front
New York Times by Toomas Hendrik Ilves, April 11, 2013

Exposing One of China’s Cyber Espionage Units 
Mandiant, February 2013
A report exposing a multi-year espionage campaign by one of the largest “Advanced Persistent Threat” (APT) groups that provides evidence linking one group, designated by Mandiant as APT1, to China’s 2nd Bureau of the People’s Liberation Army (PLA) General Staff Department’s (GSD) 3rd Department (Military Unit Cover Designator 61398). It details how it has systematically stolen confidential data from at least 141 organizations across multiple industries.

14 Global Cybersecurity Challenges for 2013
By David Gewirtz, January 2013
Cybercrime, cyberespionage, and straight out cyberattacks will increase in both frequency and ferocity over the next 12 months.The bottom line is 2013 will hurt. When it comes to cyber-preparedness, we are not in the best position. Getting our senior executives, politicians, friends, and family to pay attention and pay for security is perhaps our biggest challenge.


Guidance on Data Security Breach Management Information Commissioner's Office

National Cyber Security Framework Manual   

Edited by Alexander Klimburg 
A manual published by NATO Cooperative Cyber Defence Centre of Excellence that provides detailed background  information and theoretical frameworks to help the reader understand the different  facets of national cyber security, according to different levels of public policy 

E.U. Cyber Security Agency Lists Top Emerging Technology Threats
European Network and Information Security, September 2012
The top threats in emerging technology areas include "drive-by exploits," which is the injection of malicious code to exploit Web browser vulnerabilities, said the European Union's cyber security agency in a report issued Tuesday.

A Global Reality: Governmental Access to Data in the Cloud      
Hogan Lovells, May 2012 
A comparative analysis of ten international jurisdictions.


Global Trends 2025: A Transformed World
National Intelligence Council & Office of the Director of National Intelligence, November 2008