Virtual Library

Our virtual library is an online repository of all of the reports, papers, and briefings that IST has produced, as well as works that have influenced our thinking.

Submit your Content

Reports

Unlocking U.S. Technological Competitiveness: Proposing Solutions to Public-Private Misalignments

Ben Purser, Pavneet Singh

viewpdf

Articles

The Phone-a-Friend Option: Use Cases for a U.S.-U.K.-French Crisis Communication Channel

Daniil Zhukov

viewpdf

Articles

China: Nuclear Crisis Communications and Risk Reduction

Dr. Tong Zhao

viewpdf

Articles

Use-Cases of Resilient Nuclear Crisis Communications: A View from Russia

Dmitry Stefanovich

viewpdf

Articles

Pakistan: Mitigating Nuclear Risks Through Crisis Communications

Dr. Rabia Akhtar

viewpdf

Articles

Resilient Nuclear Crisis Communications: India’s Experience

Dr. Manpreet Sethi

viewpdf

Reports

A Lifecycle Approach to AI Risk Reduction: Tackling the Risk of Malicious Use Amid Implications of Openness

Louie Kangeter

viewpdf

Contribute to our Library!

We also welcome additional suggestions from readers, and will consider adding further resources as so much of our work has come through crowd-sourced collaboration already. If, for any chance you are an author whose work is listed here and you do not wish it to be listed in our repository, please, let us know.

SUBMIT CONTENT

Cyber Incident Reporting Framework: Global Edition

Cyber Threat Alliance, Institute for Security and Technology

SUMMARY

This guide to cybersecurity incident reporting develops a model reporting format that cybersecurity authorities and other government authorities worldwide could use as the foundation for their national reporting frameworks and regulatory language.

Last fall, multiple industry organizations led by the Cyber Threat Alliance (CTA) and the Institute for Security and Technology (IST) came together to provide input regarding cyber incident reporting for US entities. This group identified a set of principles and developed a model reporting format that the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for its incident reporting regulations. This updated, global edition of the framework builds off that first document that CTA and IST released in November 2022, and adds significant contextual discussion.

Thank you to the following organizations for their support: Chainalysis, Ciphertrace, CREST, Cybera, Cybercrime Support Network, and CyberPeace Institute

download pdf