Cybertelecom Federal Internet Law & Policy An Educational Project

CyberSecurity Reference

Laws

• Child Protection Laws
• Computer Fraud and Abuse Act 18 USC 2030
• Cybersecurity Enhancement Act of 2002 (strengthening sentancing guidelines)
• Federal Information Security Management Act of 2002 (FISMA)
  • "FISMA establishes clear criteria to improve federal agencies' cybersecurity programs. Enacted into law on December 17, 2002, as title III of the EGovernment Act of 2002, FISMA requires federal agencies to protect and maintain the confidentiality, integrity, and availability of their information and information systems.5 It also assigns specific information security responsibilities to the Office of Management and Budget (OMB), the Department of Commerce's National Institute of Standards and Technology (NIST), agency heads, chief information officers (CIO), and inspectors general (IG). For OMB, these responsibilities include developing and overseeing the implementation of policies, principles, standards, and guidelines on information security, as well as reviewing, at least annually, and approving or disapproving, agency information security programs. FISMA required each agency including agencies with national security systems, to develop, document, and implement agency wide information security programs to provide information security for the information and information systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source. Specifically, this program is to include
  • "periodic assessments of the risk and magnitude of harm that could result from the unauthorized access, use, disclosure, disruption, modification, or destruction of information or information systems;
  • "risk-based policies and procedures that cost-effectively reduce information security risks to an acceptable level and ensure that information security is addressed throughout the life cycle of each information system;
  • subordinate plans for providing adequate information security for networks, facilities, and systems or groups of information systems;
  • security awareness training for agency personnel, including contractors and other users of information systems that support the operations and assets of the agency;
  • periodic testing and evaluation of the effectiveness of information security policies, procedures, and practices, performed with frequency depending on risk, but no less than annually, and that includes testing of management, operational, and technical controls for every system identified in the agency's required inventory of major information systems;
  • a process for planning, implementing, evaluating, and documenting remedial action to address any deficiencies in the information security policies, procedures, and practices of the agency;
  • procedures for detecting, reporting, and responding to security incidents; and
  • plans and procedures to ensure continuity of operations for information systems that support the operations and assets of the agency.
  • "FISMA requires each agency to report annually to OMB, selected congressional committees, and the Comptroller General on the adequacy of information security policies, procedures, and practices, and on compliance with FISMA's requirements.
  • "FISMA also charges the Director of OMB with ensuring the operation of a central federal information security incident center with responsibility for issuing guidance to agencies on detecting and responding to incidents. Other responsibilities include compiling and analyzing information about incidents and informing agencies about current and potential information security threats. Prior to FISMA, the CIO Council (then chaired by OMB's Deputy Director for Management) issued a memorandum to all agency CIOs instructing agencies to follow specific practices for appropriate coordination and interaction with the Federal Computer Incident Response Capability (FedCIRC).6 OMB's statutory requirement supported FedCIRC, and OMB received quarterly reports from FedCIRC on the federal government's status on information technology security incidents.
  • "Following the establishment of DHS and in an effort to implement action items described in the National Strategy to Secure Cyberspace, FedCIRC was dissolved as a separate entity and its functions absorbed into the United States Computer Emergency Readiness Team (US-CERT), which was created in September 2003. US-CERT was established to aggregate and disseminate cybersecurity information to improve warning about and response to incidents, increase coordination of response information, reduce vulnerabilities, and enhance prevention and protection. US-CERT analyzes incidents reported by federal civilian agencies and coordinates with national security incident response centers in responding to incidents on both classified and unclassified systems. US-CERT also provides a service through its National Cyber Alert System to identify, analyze, prioritize, and disseminate information on emerging vulnerabilities and threats."
  • "FISMA also requires NIST to establish standards, guidelines, and requirements to help agencies improve the posture of their information security programs.9 NIST has issued several publications relevant to assisting agencies in protecting their systems against emerging cybersecurity threats. For instance, Special Publication 800-61, Computer Security Incident Handling Guide, advises agencies to establish an incident-response capability that includes establishing guidelines for communicating with outside parties regarding incidents, including law enforcement agencies, and also discusses handling specific types of incidents, including malicious code and unauthorized access. Additionally, NIST Special Publication 800-68 (Draft), Guidance for Securing Microsoft Windows XP Systems for IT Professionals: A NIST Security Configuration Checklist, describes configuration recommendations that focus on deterring malware, countermeasures against security threats with malicious payload, and specific recommendations for addressing spyware." [GAO 2005 p 9, 14]
• Fraud in Connection with Access Devices 18 USC 1029
• Gramm-Leach-Bliley and the Health Insurance Portability and Accountability Act (“HIPAA”), requiring cybersecurity safeguards.
• ID Documents Fraud 18 USC 1028
• Aggregated Identity Theft 18 USC 1028A
• Support Anti-terrorism by Fostering Effective Technologies Act of 2002 (SAFETY Act), Pub. L. 107-296, tit. VIII, subtitle G (codified at 6 U.S.C. § 441 et seq.)
• Wire Fraud 18 USC 1343
• Federal Trade Commission Act 15 USC 45
• Can Spam Act 15 U.S.C. § 7701, 18 U.S.C. § 1037
• USA Patriot Act
• 42 U.S.C. 5195c(e) Critical Infrastructure is defined as “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
• Executive Orders

Legislation

• List of legislation is not complete
• House Committee on Science and Technology Sept. 23, 2009 Press release Subcommittee Approves Legislation to Strengthen the Federal Cybersecurity R&D Portfolio

Hearings

Reports

• Investigative Report on the U.S. National Security Issues Posed by Chinese Telecommunications Companies Huawei and ZTE , House Permanent Select Committee on Intelligence , October 8, 2012 , The committee initiated this investigation in November 2011 to inquire into the counterintelligence and security threat posed by Chinese telecommunications companies doing business in the United States.
• Federal Support for and Involvement in State and Local Fusion Centers , U. S. Senate Permanent Subcommittee on Investigations , October 3, 2012 , A two-year bipartisan investigation found that U.S. Department of Homeland Security efforts to engage state and local intelligence “fusion centers” has not yielded significant useful information to support federal counterterrorism intelligence efforts. In Section VI, “Fusion Centers Have Been Unable to Meaningfully Contribute to Federal Counterterrorism Efforts,” Part G, “Fusion Centers May Have Hindered, Not Aided, Federal Counterterrorism Efforts,” the report discusses the Russian “Cyber attack” in Illinois.
• Cybersecurity: Continued Efforts Are Needed to Protect Information Systems from Evolving Threats, GAO-10-230T Nov. 17, 2009
• CRS Report RL33123, Terrorist Capabilities for Cyber attack: Overview and Policy Issues, by John Rollins and Clay Wilson
• CRS Report RL30153, Critical Infrastructures: Background, Policy, and Implementation, by John D. Moteff
• Congressional Research Service, report by John Rollins and Anna C. Henning entitled "Comprehensive National Cybersecurity Initiative: Legal Authorities and Policy Considerations," March 10, 2009
• Department of the Treasury, FSSCC/BIIC Cyber Security Intelligence and Information Sharing Work Groups, "Roadmap for Improved Information Sharing: Situational Analysis and Recommendations for Action" (undated)
• Information Technology Information Sharing and Analysis Center, letter from Brian Willis, February 27, 2009
• National Security Telecommunications Advisory Committee, "NSTAC Response to the Sixty-Day Cyber Study Group," March 12, 2009
• United States House of Representatives, Permanent Select Committee on Intelligence, "HPSCI White Paper on Cyber security," December 10, 2008
• Center for Strategic and International Studies, Securing Cyberspace for the 44th Presidency: A Report of the CSIS Commission on Cybersecurity for the 44th Presidency (2008).
• Jul 01, 2008 Requested Report [GAO] CYBER ANALYSIS AND WARNING House Science & Technology Committee
• Library of Congress.  Congressional Research Service.  Information Operations, Electronic Warfare, and Cyberwar:  Capabilities and Related Policy Issues , by Clay Wilson.  Washington, CRS, March 20, 2007.  18 p.
• Information Security, Emerging Cybersecurity Issues Threaten Federal Informational Systems, GAO Report to Congressional Requesters, (2005) [GAO 05]
• “The Economic Impact of Cyber Attacks.” CRS 2004
• GAO, Information Security: Continued Efforts Needed to Sustain Progress in Implementing Statutory Requirements, GAO-04-483T (Washington, D.C.: Mar. 16, 2004).
• Critical Infrastructure Protection: Who's in Charge, GSA before Committee on Governmental Affairs (Oct 2001)
• Threat Assessment of Malicious Code and Human Threats, Lawrence E. Bassham &W. Timothy Polk, National Institute of Standards and Technology Computer Security Division, Thu Mar 10 15:32:55 EST 1994

Cybersecurity Research

NITRD Sept 22, 2009 (In response to the President's call to secure our nation's cyber infrastructure, the White House Office of Science and Technology Policy (OSTP) and the Federal Networking and Information Technology Research and Development (NITRD) Program developed the Leap-Ahead Initiative with the goal of developing the national cyber security leap-ahead research and development agenda. Between August 17th and 19th of this year, the NITRD Program, with guidance from OSTP and the Office of the Assistant Secretary for Defense Networks and Information Integration, held a National Cyber Leap Year Summit in Arlington, Virginia.)

• National Cyber Leap Year Summit 2009 Co-Chairs Report: download
• National Cyber Leap Year Summit 2009 Participants' Ideas Report: download

Links

• Economics of Information Security (ECONSEC)
• Economics and Security Resource Page Ross Anderson
• CMU Usable Privacy and Security Laboratory
• IT-ISAC

Papers

• Ross Anderson, Why Information Security is Hard – An Economic Perspective
• Automation World, 4 Types of Cyber Attacks Targeting Manufacturers (Aug 20, 2015)
• Bauer, Johannes M. and Van Eeten, Michel (2009) "Cybersecurity: stakeholder incentives, externalities, and policy options", Telecommunications Policy, 33(10-11)
• CSTB NAS
  • Policy Consequences and Legal/Ethical Implications of Offensive Information Warfare
  • Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy (current project)
  • Letter Report for the Committee on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy, CSTB NAS 2010
  • Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities 2009
  • Toward a Safer and More Secure Cyberspace 2007
  • Cybersecurity Today and Tomorrow: Pay Now or Pay Later 2002
• An Economic Map of Cybercrime - Alvaro Cardenas, University of California-Berkeley, John Chuang, University of California-Berkeley, Jens Grossklags, University of California-Berkeley, Svetlana Radosavac, DOCOMO Communications Labratories USA, Inc., Chris Hoofnagle,University of California-Berkeley TPRC 2009
• Shwan Dyllan, Hichem Dahimene, Phillip Wright, and Perry Xiao, Analysis of HTTP and HTTPS Usage on the University Internet Backbone Links Journal of Industrial and Intelligent Information Vol. 2, No. 1, March 2014
• Melissa Hathaway, Cyber Security – An Economic and National Security Crisis, Intelligencer: Journal of U.S. Intelligence Studies, Fall 2008 at 31-6.
• Infosec Institute, Cybersecurity Policy and Threat Assessment for the Energy Sector (Aug 4, 2015),
• Kerfoot, Therese, Cybersecurity: Towards a Strategy for Securing Critical Infrastructure from Cyberattacks (May 2012). Silicon Flatirons Center, 2012
• Tyler Moore, Introducing the Economics of Cybersecurity: Principles and Policy Options 12-13 (Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy) (Nat’l Research Council 2010)
• PWC, US cybersecurity: Progress stalled. Key findings from the 2015 US State of Cybercrime Survey (2015),
• Michael D. Scott, Tort Liability for Vendors of Insecure Software: Has the Time Finally Come?, 67 Md. L. Rev. 425 (2008)
• Van Eeten, Michel J. G. and Bauer, Johannes M. (2009) "Megacrises and the internet: risks, incentives and externalities", Journal of Contingencies and Crisis Management

News

• Guardians of Internet Security Are Targets, NYT 8/5/2011
• White House: Need to monitor online 'extremism', CNET 8/5/2011
• 'Biggest' cyber attack revealed, BBC 8/3/2011
• Two Cybersecurity Bills Introduced in Senate, Daily Dashboard 8/1/2011
• Don't Let Congress Order Internet Companies to Spy on You - Block the Data Retention Mandate, EFF 7/26/2011
• Senator: New cybersecurity regulations needed for banks, CW 6/22/2011
• LulzSec hits Brazilian websites, BBC 6/22/2011
• Collateral Damage: In The Hunt For LulzSec, FBI Takes Down A Bunch Of Websites, Techdirt 6/22/2011
• Dawgert, Brad, The Internet Kill Switch: Feasible or Fantastical?, SSRN 6/15/2011
• SecurID tokens compromised, company admits, WAPO 6/9/2011
• Commerce Dept Proposes NewCybersecurity Policy Framework, CT 6/9/2011
• Thoughts on the Commerce Department's new cybersecurity paper, Google 6/9/2011
• Feds investigate alleged attacks on Gmail accounts, CNET 6/2/2011
• Cyber Attack Hits Lockheed Martin, NPR 6/2/2011
• WH Cybersecurity Proposal: Questioning the DHS Collection Center, CDT 5/25/2011
• WH Cybersecurity Proposal: CFAA Hack Goes Beyond Hackers, CDT 5/25/2011
• WH Cybersecurity Propsal: Good Start on Data Breach Notification, CDT 5/25/2011
• U.S. Outlines Cybersecurity Initiative, NPR 5/16/2011
• White House Proposes Cybersecurity Plan, NPR 5/16/2011
• White House Cybersecurity Plan: What You Need To Know, Huffpo 5/16/2011
• White House to unveil cybersecurity proposal, Globe and Mail 5/12/2011
• The Sony Wake-up Call: Time to Get Serious About Data Protection, Ecommerce Times 5/6/2011
• FTC Testifies on Data Security, FTC 5/6/2011
• Sony apologizes, details PlayStation Network attack, CW 5/2/2011
• FBI Pounces On Coreflood Botnet, USTelecom 4/25/2011
• Want To Grope People At Random In Airports (Not Just At Security)? Join The TSA!, Techdirt 3/30/2011
• EU probes cyber attack, Globe and Mail 3/25/2011
• Feature: How the Comodo certificate fraud calls CA trust into question, Ars Technica 3/25/2011
• Iran accused in 'dire' net attack, BBC 3/25/2011
• Iranian hackers obtain fraudulent HTTPS certificates: How close to a Web security meltdown did we get?, EFF 3/25/2011
• Making Twitter more secure: HTTPS, Twitter 3/17/2011
• Google confirms it pulled malicious Android apps, CNET 3/7/2011
• Cyber attack targeted Paris G20, BBC 3/7/2011
• Bank of America online banking down across U.S., CNET 3/2/2011
• Senator Schumer Fails To Properly Use HTTPS On His Own Site, After Pushing Other Sites To Use It [Updated], Techdirt 3/2/2011
• Worries Abound Over US Cyber-Emergency Internet Policy, Ecommerce Times 3/2/2011
• Internet 'kill switch' bill gets a makeover, CNET 2/23/2011
• Op-Ed: A Civil Perspective on Cybersecurity, Wired 2/16/2011
• Should anyone have a 'kill switch' for the Internet?, OJR 2/9/2011
• Report: Cybersecurity for Power Grid Falls Way Short, Wired 2/3/2011
• Senators decry link between Egypt, 'kill switch' bill, CNET 2/3/2011
• Internet 'Kill Switch' Legislation Back in Play, WIRED 1/31/2011
• OECD: Cyber attacks could create ?perfect storm?, Globe and Mail 1/19/2011
• White House: Private Sector Must Lead Internet Security Fight, Ecommerce Times 1/19/2011
• Web attacks plague rights sites, BBC 12/22/2010
• U.S. Hunts 'Hacktivists,' Some Ask: Is It Worth It?, NPR 12/13/2010
• Hackers Attack Companies That Hindered WikiLeaks, NYT 12/10/2010
• Group used 30,000-node botnet in MasterCard, PayPal attacks, CW 12/10/2010
• Web Attackers Point to Cause in WikiLeaks, NYT 12/10/2010
• The Role of Internet Services Providers in Botnet Mitigation, OECD 11/12/2010
• A Proposal for Model Cyber Security, Part I, Verizon 10/27/2010
• U.S. Now Leading Source of Attack Traffic, Followed by China and Russia, Circleid 10/21/2010
• DHS Touts Cybersecurity Awareness Campaign, Internet News 10/15/2010
• FTC Files Comments on FCC's Proposed Cyber Security Certification Program, FTC 10/15/2010
• Iran confirms massive Stuxnet infection of industrial systems, CW 9/27/2010
• The missing piece of cloud security?, CW 9/22/2010
• All about the "onMouseOver" incident, Twitter 9/22/2010
• Twitter Website Hacked, User Accounts Filled With Spam, Gigaom 9/22/2010
• Cyber Command chief details threats to U.S., CNET 8/9/2010
• Cyberattacks Hit Businesses With Big Bills, Internet News 7/30/2010
• Notice of Inquiry: Cybersecurity, Innovation and the Internet Economy, NTIA 7/28/2010
• White House Issues Update on Cybersecurity Report, Circleid 7/16/2010
• White House meeting aimed to assert cybersecurity leadership, CW 7/16/2010
• National Strategy for Trusted Identities in Cyberspace, White House 7/12/2010
• GAO slams White House for failing to lead on cybersecurity, CW 7/12/2010
• Obama Cyber Boss Talks Up Security Strategy, Internet News 7/12/2010
• Comments on the National Strategy for Trusted Identities in Cyberspace, Circleid 7/12/2010
• The White House plan to safeguard cyberspace, CW 7/12/2010
• Public Safety And Homeland Security Bureau Seeks Comment On Whether The Commission's Rules Concerning Disruptions To Communications Should Apply To Broadband Internet Service Providers And Interconnected Voice Over Internet Protocol Service Providers., FCC 7/7/2010
• FTC Announcement, TWITTER 7/7/2010
• Sens. to Mark Up Cybersecurity Bill Next Week, Internet News 6/17/2010
• Senators propose granting president emergency Internet power, CNET 6/14/2010
• Rockefeller, Snowe Support Efforts to Bolster America's Cybersecurity, Senate 6/11/2010
• National Defense Act Creates Cybersecurity Post, Internet News 6/1/2010
• Google: Fake antivirus is 15 percent of all malware, CNET 4/28/2010
• White House To Modernize Cybersecurity Reports, Internet News 4/23/2010
• Google cyberattack hit password system: NY Times, Globe and Mail 4/21/2010
• Second-hand copiers can spill secrets, CNET 4/21/2010
• Slippery Slope Alert: "National Office for Cyberspace" Proposed, PFF 3/26/2010
• U.S. said to be eyeing cybersecurity ambassador role, CW 3/24/2010
• Rockefeller and Snowe Gain Momentum for Landmark Cybersecurity Act, Senate Commerce 3/24/2010
• FTC to Internet Companies: Start Using SSL, EFF 3/19/2010
• Broadband plan gives FCC wider cybersecurity role, CW 3/19/2010
• Revised cybersecurity bill introduced in Senate, CW 3/19/2010
• Rockefeller and Snowe Unveil Comprehensive Cybersecurity Legislation, Senate Commerce 3/19/2010
• Disgruntled Ex-Auto Dealer Employee Hacks Computer System To Disable Over 100 Cars, Techdirt 3/19/2010
• FBI Director Seeks Industry Help on Cybersecurity, Internet News 3/9/2010
• White House declassifies outline of cybersecurity program, Wash Post 3/2/2010
• White House Publishes Outline of Cyber Security Policies, EPIC 3/2/2010
• Obama administration partially lifts secrecy on classified cybersecurity project, CW 3/2/2010
• Lawmakers Dig In On Cybersecurity Bill, Internet News 2/25/2010
• Do Companies Need Fed Cybersecurity Intervention?, Ecommerce Times 2/25/2010
• Federal Trade Commission links wide data breach to file sharing, Wash Post 2/25/2010
• Cybersecurity: Next Steps to Protect Our Critical Infrastructure, Senate Commerce 2/25/2010
• Bots and Botnets, Comcast 2/16/2010
• Obama administration tweaks its cybersecurity plans, Ars Technica 2/16/2010
• House to consider cybersecurity bill on Wednesday, CW 2/4/2010
• Government warns of looming cyberthreats, CNET 2/4/2010
• U.S. Cyber Czar Says He Has Obama's Full Support, Internet News 1/28/2010
• If Your Password Is 123456, Just Make It HackMe, NYT 1/21/2010
• Pentagon: U.S. Geek Shortage Is a National Security Risk, Wired 1/19/2010
• Blaming IE for Attacks is Dangerous, CW 1/19/2010
• Schmidt tapped as White House cybersecurity coordinator, CW 12/22/2009
• Twitter Hacked By Iranian Cyber Army, Gigaom 12/18/2009
• DNS Disruption, TWITTER 12/18/2009
• 'Iranian cyber army' hits Twitter, BBC 12/18/2009
• Obama Pressured to Put Cyber Security Back on Top of the Agenda, Circleid 12/10/2009
• New study calls for cybersecurity overhaul in U.S., CW 12/4/2009
• Obama said to be again close to naming cybersecurity chief, CW 11/17/2009
• 60 Minutes Investigates Cybersecurity and the Reality of Sabotaging Critical Infrastructure, CircleID 11/10/2009
• What is the government's weakest cyber security link?, Safe Internet 11/4/2009
• Put cybersecurity chief in DHS not the White House, Senator says, CW 11/4/2009
• Announcing PFF's Taxonomy of Online Security & Privacy Threats, PFF 11/4/2009
• Don't Be a Victim of Cyber Crime!, MSISAC 10/27/2009
• U.S. gov't cybersecurity spending to grow significantly, study says, CW 10/27/2009
• President Obama Promotes NCSAM in YouTube Video, iKeepSafe 10/20/2009
• With botnets everywhere, DDoS attacks get cheaper, CW 10/15/2009
• Cyber Terrorism Demands New Tactics: Study, Internet News 10/13/2009
• Senate passes Resolution 285 supporting awareness on the eve of National Cyber Security Awareness Month, Michael Kaiser 10/1/2009
• iKeepSafe to support NCSA launch of Cyber Security Awareness Month, iKeepSafe 10/1/2009
• Security Audits Worthwhile But Infrequent: Survey, Internet News 10/1/2009
• US urges 'cyber hygiene' effort, BBC 10/1/2009
• Techniques Used By Fraudsters On Social Networking Sites, IC3 10/1/2009
• Botnets Tighten Their Grip on the Broadband Infrastructure, Gigaom 10/1/2009
• Senators hold hearing on cyber security, Safe Internet 9/17/2009
• Frank Kramer Rumored as Lead Candidate for US Cyber Security Coordinator Post, CircleID 9/10/2009
• Bill giving Obama power to shut Web takes on new tone, CW 9/1/2009
• Bill Would Give Obama 'Cybersecurity Emergency' Powers, Tech Lib Front 9/1/2009
• Wouldn't The Last Thing We Want During A 'Cybersecurity Emergency' Be For The Gov't To Take Over Private Networks?, Techdirt 9/1/2009
• Details on presidential motorcades, safe house for First Family, leak via P2P, CW 7/30/2009
• McAfee Warns Spam, Trojans and Botnets Skyrocketing, Wired 7/30/2009
• Twitter: A Growing Security Minefield, CW 7/27/2009
• U.S. seeks 'top guns' for cybersecurity, CW 7/27/2009
• U.S. Official: Cybersecurity Plans Not Just Talk, Internet News 7/2/2009
• Why don't I feel all warm and fuzzy about this?, ISEN 5/13/2009
• New Bill Would Give Feds Sweeping Cybersecurity Enforcement Powers, Ecommerce Times 4/2/2009
• Bill Would Federalize Cybersecurity- Senate Proposal Would Affect Even Some Private Networks, Senate Commerce 4/2/2009
• Chairman Rockefeller and Senator Snowe Introduce Comprehensive Cybersecurity Legislation, Senate Commerce 4/2/2009
• White House cyber adviser--more questions than answers, CNET 3/27/2009
• Creation of White House cybersecurity office remains uncertain, CW 3/27/2009
• FTC questions cloud-computing security, CNET 3/18/2009
• Hearing Announcement: Cybersecurity - Assessing Our Vulnerabilities and Developing An Effective Defense, Senate Commerce 3/10/2009
• Top US Federal Cybersecurity Official Resigns, Criticizes NSA Takeover, CircleID 3/10/2009
• Obama Proposes Millions for Cybersecurity, Internet News 3/3/2009
• A New Internet Attack: Parking Tickets, CW 2/5/2009
• Feds urged to provide cybersecurity incentives, CW 11/20/2008
• Obama administration to inherit tough cybersecurity challenges, CW 11/20/2008
• Will Twitter and terrorism meet?, BBC 10/28/2008
• FTC's Cyber Security Site Gets an Upgrade, FTC 10/2/2008
• Ready to blow the whistle on a cybercrime? Who ya gonna call?, CW 9/12/2007
• ESTABLISHMENT OF THE PUBLIC SAFETY AND HOMELAND SECURITY BUREAU AND OTHER ORGANIZATIONAL CHANGES., FCC 9/26/2006
• FCC Establishes Public Safety and Homeland Security Bureau, Converged Network 9/26/2006
• Fiddling while Rome burned, CNET 9/2/2006
• Federal agencies get a D+ on cybersecurity, CW 2/18/2005
• Clarke: Who leads cybersecurity?, FCW 2/18/2005
• Reports: FBI Shutters Public E-Mail System, eweek 2/8/2005
• Bush backs boost for cybersecurity, FCW 2/8/2005
• Bush's Cyber Security Force Loses Another One, InternetNews 1/14/2005
• F.B.I. May Scrap Vital Overhaul of Its Outdated Computer System, NYT 1/14/2005
• Calling for security leadership, FCW 12/10/2004
• Committee calls for cybersecurity post, FCW 12/10/2004
• Ridge leaves mixed legacy, CNET 12/3/2004
• Former cybersecurity czar: Code-checking tools needed, Infoworld 12/3/2004
• US gets new cyber security chief, BBC 10/8/2004
• Access to Tom Ridge or bust, CNET 10/8/2004
• Howard Schmidt to lead U.S. CERT, CW 10/8/2004
• US cyber security chief resigns, BBC 10/5/2004
• Steps for Creating National CSIRTs, CERT 10/5/2004
• U.S. cybersecurity chief resigns, CNET 10/5/2004
• FTC Continues Education, Enforcement Efforts to Promote Information Security, FTC 9/24/2004
• Cybersecurity czar may get a promotion, CNET 9/21/2004
• Collins praises, Lieberman blasts homeland security orders, FCW 12/19/2003
• Organizational Models for Computer Security Incident Response Teams, CERT 2/10/2004
• U.S. creates cyberalert system, CNET 2/2/2004
• Gov't Rolls Out Cyber Alert System, Internet News 2/2/2004
• Fed cybersecurity chiefs get a council, FCW 12/5/2003
• Feds simulate terrorist cyberattack, CNN 12/2/2003
• DHS Cuts Tech Funding By 30%, Internet News 11/14/2003
• EU hi-tech crime agency created, BBC 11/21/2003
• Homeland security goes online, BBC 6/9/03
• Government forms cybersecurity unit, CNET 6/9/03
• Homeland Security to tap director, CNET 6/6/03
• Broadband Users Lack Basic Security, Internet News 6/6/03
• When to make the cybersecurity call, FCW 4/4/03
• Creation of cybersecurity post in administration appears imminent, GovExec 4/1/03
• U.S. Government To Get Cybersecurity Chief, Salon 5/28/03
• Blogs play a role in homeland security, CW 5/12/03
• Homeland chief urges firms to bolster cybersecurity, GovExec 5/2/03
• Ridge Asks For Tech Help, Info World 4/30/03
• ITAA Calls For Cybersecurity Czar, Internet News 4/23/03
• Howard Schmidt is leaving the White House, GCN 4/21/03
• Howard Schmidt leaving government cybersecurity job, CW 4/21/03
• White House May Lose Top Cybersecurity Advisor, Internet News 4/21/03
• U.S. Cyber Security Plan A Mosaic, Internet News 4/17/03
• Cybe rsecurity in Europe and EU-Russia Co-operation, RAPID 4/11/03
• Clarke: No One's Minding the Cyber Store, eweek 4/9/03
• NIPC Leadership Questioned, Info World 2/28/03
• Anti-terror Network 'in Disarray', BBC 2/21/03
• Cybersecurity Chief To Quit, Internet News 1/29/03
• U.S. Cybersecurity Czar to Resign, Wired 1/29/03
• Cooper named Homeland Dept. CIO, FCW 1/10/03
• White House trims cybersecurity plan, MSNBC 1/7/03
• Feds Building Internet Monitoring Center, Wash Post 2/10/03
• Homeland Office Is Told to Answer Queries on Its Role, Wash Post 1/3/03
• Feds Delay Launch of Cyber-Security Plan, VOA 12/20/02
• The Year In Security, TechTV 1/2/03
• Sentries on the Net, CNET 1/2/03
• Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues, CERT 12/4/02
• Homeland Security Is Watching You, Newsfactor 11/25/02
• NIPC Seeks Cyberalert Support, FCW 8/16/02
• NIPC CyberNotes Issue #2002-16, 08/12/2002, NIPC 8/16/02
• OECD Publishes Cyber-Security Guidelines, IDG 8/9/02
• OECD Governments Launch Drive to Improve Security of Online Networks, OECD 8/9/02
• Creating a Computer Security Incident Response Team: A Process for Getting Started, CERT 8/7/02
• Bush Adviser Encourages Hacking, Wash Post 8/2/02
• Cybersecurity Info Sharing Plan Blasted, Wash Post 7/29/02
• Report: Cyber Security Efforts Disorganized, USAToday 7/24/02
• National Strategy Executive Summary, WhiteHouse 7/17/02
• NIPC Reaches Out To Private IT Sector, Internet News 6/26/02
• Government Not Ready For Cyberattacks, Internet News 6/26/02
• White House Stressing IT Security, Wash Post 6/10/02
• Bush Plan Backs IT Infrastructure, FCW 6/5/02
• Homeland security network proposed, USA Today 6/5/02
• InfoSec: GartnerG2 Says Not Enough Being Done to Prepare for Cyberattacks, ITAA 5/22/02 
• Ridge wants tech firms to enlist in terrorism fight, USA Today 4/24/02
• Government cyber security chief warns of threats to infrastructure , Nando 2/20/02
• High-Tech Security Czar Warns Against Cyber Complacency , Wash Tech 2/20/02
• White House To Form Cybersecurity Center, FCW 2/15/02
• Cybercrime reporting procedure draws fire , CW 2/20/02
• U.S. Backing for Guidelines on Fighting CyberCrime, NYT 2/13/02
• NIPC Head: Communication Key, Must Do More, IDG 2/4/02
• NIST Prepping Security Guides, Fcw 1/28/02
• White House Cybersecurity 'Strategy' Due In June, Wash Tech 1/28/02
• U.S. Cyber Chief to Map Infrastructure for Security, Reuters 12/6/01
• Feds To Draw 'Map' Of Internet (by the National Infrastructure Simulation and Analysis Center which is a part of the Defense Threat Reduction Agency - NISAC is a partnership between DTRA and Los Alamos), Newsfactor 12/7/01
• Cyber-security czar snubs ID plan, MSNBC 11/9/01
• New Powers In Cybersecurity, Reuters 11/9/01
• Cybersecurity chief warns of Net threat, USAToday 11/9/01
• Security woes dog federal agencies, CNET 11/9/01
• ITAA Calls for Immediate New Federal IT Security Funding, Inews 11/9/01
• President Forms Cyberterrorism Panel, AP 10/17/01
• New Unit Targets Internet Crimes, LAT 7/13/01
• Top DOJ Official Outlines Priority List to Combat Cybercrime, Standard 6/15/01
• Internet warning system under siege (CERT), CNET 5/23/01
• NIPC Gets "F" In Hack Attack Warnings, InternetNews 5/23/01
• Bush considers cybersecurity coordination board, USAToday 5/16/01
• Bush Mulls cybersecurity, USAToday 5/11/01
• White House Site Attack Clues Sought, CW 5/8/01
• Senator: Aid Cyber Security By Secrecy, Reuters 5/8/01
• FBI Names New Chief For Computer Security, Infoworld 3/21/01
• U.S. Cyber-Chief Warns of Weaknesses, Newsfactor 3/21/01
• National Security Adviser sees cyberterrorist threat, USAToday 3/23/01