Reports and other materials of interest will be posted here as they become available.
| || |
Beyond Spectre: Confronting New Technical and Policy Challenges Proceedings of a Workshop
In 2017, researchers discovered a vulnerability in microprocessors used in computers and devices all over the world. The vulnerability, named Spectre, combines side effects from caching and speculative execution, which are techniques that have been used for many years to increase the speed at which computers operate. The discovery upends a number of common assumptions about cybersecurity and draws attention to the complexities of the global supply chain and global customer base for the vast range of devices and cloud capabilities that all computer u
| ||Recoverability as a First-Class Security Objective: Proceedings of a Workshop |
This report summarizes presentations and discussions from a Feb. 2018 Forum on Cyber Resilience workshop. The workshop featured presentations from several experts in industry, research, and government roles who spoke about the complex facets of recoverability—that is, the ability to restore normal operations and security in a system affected by software or hardware failure or a deliberate attack.
| ||Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop |
Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a workshop featuring invited speakers from government, the private sector, and academia. This publication summarizes the presentations and discussions from the workshop.
| || |
Cryptographic Agility and Interoperability: Proceedings of a Workshop
In May 2016, the Forum on Cyber Resilience hosted a workshop on Cryptographic Agility and Interoperability. Participants discussed the drivers and technical and societal implications of increased cryptographic agility. This publication summarizes the presentations and discussions from the workshop.
| || |
Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop
In January 2016, the Forum on Cyber Resilience hosted a workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they discussed possible new mechanisms for better protecting and helping consumers in the wake of a breach. Speakers were asked to focus on data breach aftermath and recovery and to discuss ways to remediate harms from breaches. This publication summarizes the presentations and discussions from the workshop.
2018 Annual Report of Activities (PDF)
This document summarizes Forum meetings and activities during 2018.
2017 Annual Report of Activities (PDF)
This document summarizes Forum meetings and activities during 2017.
2016 Annual Report of Activities (PDF)
This document summarizes Forum meetings and activities during 2016.
2015 Annual Report of Activities (PDF)
This document summarizes Forum meetings and activities during its first year of activities.
The Computer Science and Telecommunications Board’s portfolio of work and studies addressing cybersecurity, privacy, trustworthiness, and related topics spans nearly three decades. An overview of CSTB reports in these areas is available.
Individual, community, and national resilience is the ability to prepare and plan for, absorb, respond, recover from, and more successfully adapt to adverse events. No person or place is immune from disasters or disaster-related losses. The National Academies of Sciences, Engineering, and Medicine have a number of activities aimed at improving individual, community, and national resilience.