Receive free information research on technical topics
Technical Inquiries (TIs)
The core function of CSIAC is to answer technical questions using our in-house technical personnel, vast DoD information resources, and our extensive network of subject matter experts (SMEs). CSIAC has technical staff available to conduct technical research in order to give you a head start on your analysis or study in any of our technical focus areas. We offer a free 4-hour TI research service or, for slightly larger research efforts, we offer an extended technical inquiry (ETI) service.
Technical Inquiry Features
Our TIs include the following to help you with your research:
Free Technical Inquiry Services
CSIAC’s free TI service offers 4 hours of free research per inquiry on any topic within our technical focus areas. Typical TI efforts may include answering technical questions, literature searches, document requests, or referrals to SMEs. Completed responses are compiled and delivered to the inquirer in less than 10 business days. Registered users can submit TIs online through the provided form or by phone.
Extended Technical Inquiry (ETI) Services
ETIs are externally funded research efforts that go slightly beyond 4 research hours. ETIs require between 5 and 160 technical hours of research, with a $50K maximum ceiling and period of performance up to 2 months.
Ready to submit a technical inquiry?
Notable Technical Inquiries
Notable TIs are summaries of the most recent and impactful works done by CSIAC in response to technical inquiries that were submitted by cybersecurity and information systems members. These summaries are intended to give our community a sampling of the wide range of questions presented and responses produced by CSIAC under the free 4 hours of information research support.
What existing tools and techniques could be applied to modeling the linkages and dependencies between critical US infrastructure components?
Relating to requirement 3.10 in NIST 800-171r1, is it sufficient to have an audit log of physical access with entry events but not exit events?
How do end-users perceive their own password security practices, and how does this behavior differ from acceptable standards?
What are the major requirements of the Cybersecurity Maturity Model Certification for DoD contractors and subcontractors?
What is the industry standard for performing a privacy impact assessment?