donate EXPLORE
donate

Virtual Library

Our virtual library is an online repository of all of the reports, papers, and briefings that IST has produced, as well as works that have influenced our thinking.

Submit your Content
Advanced Search

Reports

Enhancing Cyber Resilience through Insurance: Revisiting Anti-Bundling Regulation

Sophia Mauro and Taylor Grossman

viewpdf

Op-ed

ROOST Reminds Us Why Open Source Tools Matter

view

Reports

Navigating AI Compliance, Part 2: Risk Mitigation Strategies for Safeguarding Against Future Failures

Mariami Tkeshelashvili, Tiffany Saade

viewpdf

Reports

Deterring the Abuse of U.S. IaaS Products: Recommendations for a Consortium Approach

Steve Kelly, Tiffany Saade

viewpdf

Podcasts

TechnologIST Talks: Looking Back and Looking Ahead: Deep Dive on the New Cybersecurity Executive Order

Carole House, Megan Stifel, and Steve Kelly

view

Podcasts

TechnologIST Talks: The Offense-Defense Balance

Philip Reiner and Heather Adkins

view

Reports

The Generative Identity Initiative: Exploring Generative AI’s Impact on Cognition, Society, and the Future

Gabrielle Tran, Eric Davis

viewpdf

Contribute to our Library!

We also welcome additional suggestions from readers, and will consider adding further resources as so much of our work has come through crowd-sourced collaboration already. If, for any chance you are an author whose work is listed here and you do not wish it to be listed in our repository, please, let us know.

SUBMIT CONTENT
Playing now

Cyber Resilience and Insurance Innovation

More Videos

Load More

Cyber Incident Reporting Framework: Global Edition

Cyber Threat Alliance, Institute for Security and Technology

SUMMARY

This guide to cybersecurity incident reporting develops a model reporting format that cybersecurity authorities and other government authorities worldwide could use as the foundation for their national reporting frameworks and regulatory language.

Last fall, multiple industry organizations led by the Cyber Threat Alliance (CTA) and the Institute for Security and Technology (IST) came together to provide input regarding cyber incident reporting for US entities. This group identified a set of principles and developed a model reporting format that the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for its incident reporting regulations. This updated, global edition of the framework builds off that first document that CTA and IST released in November 2022, and adds significant contextual discussion.

Thank you to the following organizations for their support: Chainalysis, Ciphertrace, CREST, Cybera, Cybercrime Support Network, and CyberPeace Institute

download pdf