Receive free information research on technical topics
Technical Inquiries (TIs)
The core function of CSIAC is to answer technical questions using our in-house technical personnel, vast DoD information resources, and our extensive network of subject matter experts (SMEs). CSIAC has technical staff available to conduct technical research in order to give you a head start on your analysis or study in any of our technical focus areas. We offer a free 4-hour TI research service or, for slightly larger research efforts, we offer an extended technical inquiry (ETI) service.
Technical Inquiry Features
Our TIs include the following to help you with your research:
Free Technical Inquiry Services
CSIAC’s free TI service offers 4 hours of free research per inquiry on any topic within our technical focus areas. Typical TI efforts may include answering technical questions, literature searches, document requests, or referrals to SMEs. Completed responses are compiled and delivered to the inquirer in less than 10 business days. Registered users can submit TIs online through the provided form or by phone.
Extended Technical Inquiry (ETI) Services
ETIs are externally funded research efforts that go slightly beyond 4 research hours. ETIs require between 5 and 160 technical hours of research, with a $50K maximum ceiling and period of performance up to 2 months.
Ready to submit a technical inquiry?
Notable Technical Inquiries
Notable TIs are summaries of the most recent and impactful works done by CSIAC in response to technical inquiries that were submitted by cybersecurity and information systems members. These summaries are intended to give our community a sampling of the wide range of questions presented and responses produced by CSIAC under the free 4 hours of information research support.
Critical Infrastructure Linkage and Dependency Modeling for Homeland Defense
What existing tools and techniques could be applied to modeling the linkages and dependencies between critical US infrastructure components?
CUI Security Controls: Physical Access Control
Relating to requirement 3.10 in NIST 800-171r1, is it sufficient to have an audit log of physical access with entry events but not exit events?
Security-Conscious Password Behavior From the End-User’s Perspective
How do end-users perceive their own password security practices, and how does this behavior differ from acceptable standards?
Cybersecurity Maturity Model Certification (CMMC): The Road to Compliance
What are the major requirements of the Cybersecurity Maturity Model Certification for DoD contractors and subcontractors?
Privacy Impact Assessment: The Foundation for Managing Privacy Risk
What is the industry standard for performing a privacy impact assessment?
Assessing the Operational System Risk Imposed by the Infrastructure Deployment Pipeline Workflow
What is the operational system risk imposed by the infrastructure deployment pipeline workflow?