Insights & Research


K-12 Institutions at Risk of Cyber Attack

A new report shows that K-12 schools are at a higher risk of cyberattack from ransomware operators and hacktivists.

Recommendations from White House Ransomware Summit

Ransomware remains one of the most disruptive cyber threats to governments, organizations, and individuals.

House bill would jump ahead of in-progress efforts to secure software at federal agencies

The Apache Log4j vulnerability brought to light a challenge for software providers that had been seldom seen.

CFPB Policy Calls out MFA, Password Management

For years, regulators have been examining ways to push companies to use phishing-resistant multi-factor authentication (MFA).

White House’s IoT Labeling Effort Has Potential, Must Avoid Pitfalls

Earlier this week the White House announced a new consumer Internet of Things (IoT) labeling effort designed to assist consumers in identifying secure technologies.

3 Actions Latin American Leaders Must Take to Reduce Risk of Cyberattacks

Threat actors are targeting government and private sector organizations across Latin America, so business and political leaders must step up to meet the challenge.

The Securities and Exchange Commission Obstructs National Security

Mr. Schwartz's opinion piece argues that the Securities and Exchange Commission seems to have missed the mark with their latest cybersecurity incident reporting rule.

Enterprise Environment Visibility

Evolution in technology often creates challenges as governments and industry seek to balance the tradeoffs between security, privacy, visibility, and efficiency. When done correctly, these four elements combine to enable products and services that…

Enterprise Data Center Transparency and Security Workshop Summary Report

This summary report on the Enterprise Data Center Transparency and Security Workshop represents a summary of the workshop itself and does not necessarily represent the views of the Center or any of the participating organizations. Future work is…

Center for Cybersecurity Policy and Law to Engage with Industry on Coordinated Vulnerability Disclosure Practices for Hardware

The Center for Cybersecurity Policy and Law announced a new cybersecurity effort to examine coordinated vulnerability disclosure policy and processes specific to hardware…