2.2.4 Blurring of Distinctions
  • 1 2.2.4.a Public/Private

    • 1.1 Business Software Alliance, Center for Democracy & Technology, U.S. Chamber of Commerce, Internet Security Alliance, Tech America, Improving our Nation’s Cybersecurity through the Public-Private Partnership: a White Paper, Mar 8, 2011

      This paper considers public-private partnerships related to the protection of critical infrastructure. It recommends expanding on existing partnerships in the following areas: risk management, incident management, information sharing and privacy, international engagement, supply chain security, innovation and research and development, and education and awareness.

    • 1.2 Paul Rosenzweig, Cyber Security and Public Goods: The Public/Private “Partnership”, Hoover Institution, 2011

      This article reviews the partnership between Google and the NSA. It argues that the national government cannot be exclusively responsible for providing national cybersecurity. By establishing first economic principles it argues that the main domain in which government action is effective and desirable is that of fostering the sharing of cybersecurity information.

  • 2 2.2.4.b Attack/Exploitation

    • 2.1 William A. Owens, Kenneth W. Dam, and Herbert S. Lin, Committee on Offensive Information Warfare, National Research Council; Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities, Ch. 2.4-2.6, 2009, pp 134-153

      These sections review the different characteristics of an incoming cyber attack, active defense, and cyberexploitation.