Technical Inquiries (TIs)

The core function of CSIAC is to answer technical questions using our in-house technical personnel, vast DoD information resources, and our extensive network of subject matter experts (SMEs). CSIAC has technical staff available to conduct technical research in order to give you a head start on your analysis or study in any of our technical focus areas. We offer a free 4-hour TI research service or, for slightly larger research efforts, we offer an extended technical inquiry (ETI) service.

Technical Inquiry Features

Our TIs include the following to help you with your research:

magnifying glass
Literature Searches

A curated bibliography given a technical topic

Document
Document Requests

Dissemination of technical reports to authorized users

User Icon
SME Referrals

Contacts and connections with relevant, technical SMEs

business documents on office table with smart phone and digital

Free Technical Inquiry Services

CSIAC’s free TI service offers 4 hours of free research per inquiry on any topic within our technical focus areas. Typical TI efforts may include answering technical questions, literature searches, document requests, or referrals to SMEs. Completed responses are compiled and delivered to the inquirer in less than 10 business days. Registered users can submit TIs online through the provided form or by phone.

Extended Technical Inquiry (ETI) Services

ETIs are externally funded research efforts that go slightly beyond 4 research hours. ETIs require between 5 and 160 technical hours of research, with a $50K maximum ceiling and period of performance up to 2 months.

Relaxed informal IT business startup company team meeting.

Ready to submit a technical inquiry?

Receive free information research on technical topics

Notable Technical Inquiries

Notable TIs are summaries of the most recent and impactful works done by CSIAC in response to technical inquiries that were submitted by cybersecurity and information systems members. These summaries are intended to give our community a sampling of the wide range of questions presented and responses produced by CSIAC under the free 4 hours of information research support.

Security-Conscious Password Behavior From the End-User’s Perspective

Even though technical solutions for security problems are widespread, there are no adequate security measures against precarious user behavior.  Even if hashing and encrypting are used correctly in masking the…

Cybersecurity Maturity Model Certification (CMMC): The Road to Compliance

In response to the repeated attacks on the U.S. Department of Defense (DoD) supply chain, the release of the Cybersecurity Maturity Model Certification (CMMC) introduces a verification mechanism that will…

Privacy Impact Assessment: The Foundation for Managing Privacy Risk

A privacy impact assessment (PIA) is an essential element for effective privacy by design. It enables privacy leaders to be assured that the privacy controls implementation satisfies regulations and organizational…

Assessing the Operational System Risk Imposed by the Infrastructure Deployment Pipeline Workflow

Real-time data monitoring of systems and system forensics is an essential aspect to keeping your data security platform safe when relying on the use of Infrastructure as Code (IaC) and…

Smart Cities, Smart Bases, and Secure Cloud Architecture for Resiliency by Design

Smart cities’ critical infrastructure, economy, and governance are designed to sustainably improve the well-being of residents (U.S. Government Accountability Office [GAO], 2019). Critical infrastructures, such as energy, electricity grids, communications…

Challenges in Applying the Law of Armed Conflict to Cyberwar

On June 17, 2010, a small antivirus company established in Belarus discovered the Stuxnet worm. Later research would reveal that an earlier variant of the worm existed at least a…

Commercially Available Firewalls

This report provides an index of firewall tools as of May 2, 2011. It summarizes pertinent information, providing users a brief description of available firewall tools and contact information for…

Commercially Available Vulnerability Assessment Tools

This report provides an index of automated vulnerability assessment tools as of May 2, 2011. It summarizes pertinent information, providing users a brief description of available automated vulnerability assessment tools…

Current Malware Threats and Mitigation

This report provides a brief background on what malware is; the types of malware and how they operate; recent trends in malware capabilities, behaviors, and incidents as of September 17,…