Insights & Research

The Institute for Security and Technology hosted the Second Annual Cyber Policy Awards, uniting the U.S. cyber policy community alongside key international partners, celebrating those who have made notable contributions.

The use of AI technologies in federal agencies is ever expanding but governance is necessary to ensure its proper use. This report looks at existing governance structures, the role of the CAIO, and recommendations to make governance more effective.

October is National Cybersecurity Awareness Month, making now the perfect time to highlight two essential components of every organization’s security and privacy posture - awareness and training.

NIST hosted the Ready, Set, Update! Privacy Framework 1.1 + Data Governance and Management Profile Workshop, a two-day event to solicit feedback on updates to the Privacy Framework and the creation of a Data Governance and Management Profile.

In our latest Distilling Cyber Policy podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Despina Spanou, the Head of the Cabinet of the Vice-President of the European Commission.

As U.S. federal agencies move to take advantage of the potential benefits of artificial intelligence they are also wondering how to structure governance of these new systems.

In our latest podcast episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by John Banghart, Venable LLP, and Kent Landfield, a founding member of the Common Vulnerabilities and Exposures (CVE) Program.

In our latest episode, Alex Botting and Jen Ellis from the Center for Cybersecurity Policy & Law are joined by Irfan Hemani, Deputy Director of Cyber Security Policy at the UK's Department for Science, Innovation, and Technology.

NIST's Privacy Workforce Public Working Group (PWWG) is a community of professionals from diverse backgrounds united under a shared goal to nurture and develop a skilled privacy workforce.

The wait is over. The Securities and Exchange Commission (SEC) has issued a final rule to enhance and standardize disclosures regarding cybersecurity risk management, governance, and incidents by all companies that are publicly traded.