Policy Papers

Rethinking Data, Geography, and Jurisdiction

The international community should reject geographic-based data control frameworks and adopt ones premised on data flow “control points."

Contesting "Cyber"

The inconsistent application of the prefix “cyber” stems not only from confusion, but also from contest.

Cybersecurity as an Engine for Growth

Using case studies of three cities, this report examines how national and local governments can attract and develop a cybersecurity industry

The Enemy Has a Voice

Cyber threat intelligence helps defenders better understand what vulnerabilities their adversaries will seek to exploit.

Professor Cy Burr’s Graphic Guide to International Cyber Norms

An illustrated guide to international cybersecurity norms.

Smart City Partnerships

This paper explains how the Internet of Things supports Smart Cities, cybersecurity risks of IoT technologies, and steps to address risks.

A Brief History of Law Enforcement Hacking in the United States

This overview highlights major trends in investigative hacking.

Bugs in the System

This primer on the vulnerability ecosystem offers policy recommendations to ensure that vulnerabilities are discovered & patched quickly.

Toward a Safe and Secure Internet of Things

The Internet of Things offers opportunities in education, energy, healthcare, and transportation. It also poses challenges in cybersecurity.

The Graphic Guide to Cybersecurity and Simplicity

A clever comic by cybersecurity fellow Dan Ward illustrates the tendency to overcomplicate security, when a simple solution would suffice.

Cyber Peace

Heather Roff explains why viewing cyber peace as the absence of any hostile actions is insufficient.

Decrypting the Cybersecurity Gender Gap

Gender disparity in the cybersecurity industry isn’t just a problem for women.