Insights & Research


Multiple Organizations Request 30-day Extension on CIRCIA Comments

The Cybersecurity Coalition, U.S. Chamber of Commerce, and 23 other organizations have requested a 30-day extension to the comment period for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) from CISA.

Ransomware: ‘costly and impactful’ and now a staple national security risk

Two reports released by the U.S. government provide important insights into the state of the ransomware threat stating that it is still costly and impactful and a staple national security risk.

CISA Finalizes Secure Software Development Self-Attestation Form

CISA published a final version of the Secure Software Development Attestation Common Form, which quires software vendors to sign the form, self-attesting that they comply with secure software practices.

Cyberspace Solarium Commission 2.0 with Mark Montgomery (DCP S2 E1)

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Mark Montgomery, Senior Director and Senior Fellow at the Foundation for the Defense of Democracies.

Detour or Deadlock? Decoding the Suspended UN Cybercrime Treaty Negotiations

After years of negotiating, the United Nations cybercrime treaty is stalled due to large scale disagreements on scope, terminology, and other details that lead to suspension of the Convention and the tentative decision to reconvene another session.

CR2 Briefs WTO on Cybersecurity Components in Trade

The Coalition to Reduce Cyber Risk held a briefing at the World Trade Organization in Geneva, Switzerland focused on forthcoming research around the inclusion of digital trade and cybersecurity components in trade agreements

Is Phishing-Resistant MFA Table Stakes?

A token with a six-digit code was the ultimate in MFA but with the rise of AI and other sophisticated attacks organizations need to look at phishing-resistant authentication.

Cybersecurity Coalition Announces CyberNext Brussels

The Cybersecurity Coalition has announced the inaugural CyberNext Brussels conference taking place March 21 at the Stanhope Hotel Brussels.

Six Functions Intertwined: the NIST Cybersecurity Framework 2.0 is Here!

It's time to celebrate! It’s NIST Cybersecurity Framework Version 2.0 Release Day.

EU’s Digital Markets Act Puts the Security Onus on Mobile Users

In our latest paper, we discuss the impact of the EU’s mobile app store provisions of the Digital Markets Act, which requires mobile operating systems open up more options for users to install apps, potentially also adding security threats.