donate EXPLORE
donate

Virtual Library

Our research repositories present a collection of open-source resources that showcase research and analysis that has directly influenced our initiatives. Non-IST publications are copyrighted by external authors not affiliated with IST.

Submit your Content
Advanced Search

Reports

Cyber Incident Reporting Framework: Global Edition

Cyber Threat Alliance, Institute for Security and Technology

viewpdf

Reports

AI-NC3 Integration in an Adversarial Context: Strategic Stability Risks and Confidence Building Measures

Alexa Wehsener, Andrew W. Reddie, Leah Walker, Philip Reiner

viewpdf

Op-ed

The Nuclear Risk Reduction Approach: A Useful Path Forward for Crisis Mitigation

Sylvia Mishra

view

Reports

Nuclear Crisis Communications: Mapping Risk Reduction Implementation Pathways

Sylvia Mishra

viewpdf

Reports

Towards a Stronger Ukrainian Media Ecosystem

Leah Walker, Alexa Wehsener, Natalia Antonova

viewpdf

Op-ed

Pentagon’s Office of Strategic Capital must win over Silicon Valley

Leah Walker and Alexa Wehsener

view

Fact Sheet

DOD Establishes the Office of Strategic Capital

Strategic Balancing Initiative

viewpdf

Contribute to our Library!

We also welcome additional suggestions from readers, and will consider adding further resources as so much of our work has come through crowd-sourced collaboration already. If, for any chance you are an author whose work is listed here and you do not wish it to be listed in our repository, please, let us know.

SUBMIT CONTENT
Playing now

Cyber Resilience and Insurance Innovation

More Videos

Load More

Cyber Incident Reporting Framework

Cyber Threat Alliance, Institute for Security and Technology

SUMMARY

A group led by Cyber Threat Alliance and the Institute for Security and Technology that includes CREST, CipherTrace, Coveware, Cybera, Cybercrime Support Network, Cyber Peace Institute, Open Cybersecurity Alliance, and SolarWinds has come together to provide input regarding cyber incident reporting.

This group has identified a set of principles that the incident reporting regulation should incorporate, and we have developed a set of model reporting formats the Cybersecurity and Infrastructure Security Agency (CISA) could use as the foundation for the reporting forms. The report contains 3 sections:

  1. Purpose, Expectations, and Definitions
  2. Principles
  3. Incident Reporting Fields

Framework appendices include an explanation of why the U.S. government should collect the proposed information in the Cyber Incident Reporting Form and a sample, generic CIRF report.

download pdf