Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

FY2014 DOT&E Annual Report has been released to Congress

DOT&E FY2014 Annual Report. Michael Gilmore, Director – Operational Test & Evaluation Office of the Secretary of Defense: “Since my appointment as Director, I have required thorough operational tests that provide adequate information to characterize system performance across a variety of operational conditions. This information is essential to my evaluation of system operational effectiveness, suitability, and survivability. I have advocated the use of scientific methodologies, including experimental design or design of experiments (DOE) to ensure that this characterization is done as efficiently as possible. The methodologies that I have advocated for not only provide a rigorous and defensible coverage of the operational space, they also allow us to quantify the trade-space between the amount of testing and the precision needed to answer the complex questions about system performance. They allow us to know, before conducting the test, which analyses we will be able to conduct with the data and therefore, what questions about system performance we will be able to answer. Finally, they equip decision makers with the analytical tools to decide how much testing is enough in the context of uncertainty.”

DoD Cloud Computing Security Requirements Guide

Department of Defense (DoD)  Cloud Computing Security Requirements Guide (SRG). Version 1, Release 1. 12 January 2015 Developed by the Defense Information Systems Agency (DISA) for the Department of Defense (DoD). “Cloud computing technology and services provide the Department of Defense (DoD) with the opportunity to deploy an Enterprise Cloud Environment aligned with Federal Department-wide Information Technology (IT) strategies and efficiency initiatives, including federalContinue Reading

GAO Report – Federal Facility Cybersecurity

Federal Facility Cybersecurity: DHS and GSA Should Address Cyber Risk to Building and Access Control Systems, GAO-15-6: Published: Dec 12, 2014. Publicly Released: Jan 12, 2015: “The Department of Homeland Security (DHS) has taken preliminary steps to begin to understand the cyber risk to building and access controls systems in federal facilities. For example, in 2013,Continue Reading

Tallinn Manual on the International Law Applicable to Cyber Warfare

NATO Cooperative Cyber Defence Centre of Excellence: “The Tallinn Manual on the International Law Applicable to Cyber Warfare, written at the invitation of the Centre by an independent ‘International Group of Experts’, is the result of a three-year effort to examine how extant international legal norms apply to this ‘new’ form of warfare. The Tallinn ManualContinue Reading

Challenges at the Intersection of Cyber Security and Space Security

“This research paper is part of Chatham House’s Project on Cyber Security and Space Security, a multiyear research project within the International Security Department examining the security challenges at the intersection of cyber security and space security. The paper aims to identify and raise awareness of the challenges common to both domains through a compilation of articles byContinue Reading

Cybersecurity Issues and Challenges: In Brief

CRS – Cybersecurity Issues and Challenges: In Brief. Eric A. Fischer, Senior Specialist in Science and Technology. December 16, 2014. “The information and communications technology (ICT) industry has evolved greatly over the last half century. The technology is ubiquitous and increasingly integral to almost every facet of modern society. ICT devices and components are generally interdependent, and disruption of one may affectContinue Reading

2014 Bot Traffic Report

“As Incapsula’s prior annual reports have shown, bots are the Internet’s silent majority. Behind the scenes, billions of these software agents shape our web experience by influencing the way we learn, trade, work, let loose, and interact with each other online. Bots are also often designed for mischief, however. In fact, many of them are usedContinue Reading

2013 National Incident-Based Reporting System Data Available

“The National Incident-Based Reporting System (NIBRS) was implemented to improve the quality of crime data collected by law enforcement by capturing detailed information on each single crime occurrence. Designed for law enforcement, the NIBRS has the flexibility to gather administrative facts on crime incidents as well as varied information about the victims, offenses, arrestees, andContinue Reading

Evaluation of DHS’ Information Security Program for Fiscal Year 2014

December 12, 2014 OIG-15-16: “DHS has taken steps to improve its information security program. For example, DHS expanded the ongoing authorization program to improve the security of its information systems through a revised risk management approach. Additionally, DHS developed and implemented the Fiscal Year 2014 Information Security Performance Plan, which defines the performance requirements, priorities, and overall goals for the Department. DHS has alsoContinue Reading

Internet Monitor 2014: Reflections on the Digital World

“Internet Monitor is delighted to announce the publication of Internet Monitor 2014: Reflections on the Digital World, the project’s second annual report. The report is a collection of roughly three dozen short contributions that highlight and discuss some of the most compelling events and trends in the digitally networked environment over the past year. The publication,Continue Reading

Exploring the Ecosystem of Third-party Security Seals

Clubbing Seals – Exploring the Ecosystem of Third-party Security Seals – Tom Van Goethem, Frank Piessens, Wouter Joosen, Nick Nikiforaki in Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS 2014), Scottsdale, Arizona, USA. “In the current web of distrust, malware, and server compromises, convincing an online consumer that a website is secure, can make the difference between a visitor andContinue Reading

Legislation to Facilitate Cybersecurity Information Sharing: Economic Analysis

CRS – Legislation to Facilitate Cybersecurity Information Sharing: Economic Analysis. N. Eric Weiss, Specialist in Financial Economics. December 11, 2014. “Data breaches, such as those at Target, Home Depot, Neiman Marcus, and JPMorgan Chase, affecting financial records of tens of millions of households seem to occur regularly. Companies typically respond by trying to increase their cybersecurity by hiring consultants and purchasing newContinue Reading