Notable Technical Inquiries (TIs)

Notable TIs are summaries of the most recent and impactful works done by CSIAC in response to technical inquiries that were submitted by the cybersecurity and information systems community members. These summaries are intended to give a sampling of the wide range of questions presented and responses produced by CSIAC under the free 4 hours of information research support.

Filter by Technical Focus Areas

By default, only content within your selected technical focus areas is displayed throughout the site. You can update your technical focus areas in your profile or temporarily filter the content here.


Filter by Article Types

Security-Conscious Password Behavior From the End-User’s Perspective

Even though technical solutions for security problems are widespread, there are no adequate security measures against precarious user behavior.  Even if hashing and encrypting are used correctly in masking the passwords, attackers can bypass these…

Cybersecurity Maturity Model Certification (CMMC): The Road to Compliance

In response to the repeated attacks on the U.S. Department of Defense (DoD) supply chain, the release of the Cybersecurity Maturity Model Certification (CMMC) introduces a verification mechanism that will ensure the necessary security mechanisms…

Privacy Impact Assessment: The Foundation for Managing Privacy Risk

A privacy impact assessment (PIA) is an essential element for effective privacy by design. It enables privacy leaders to be assured that the privacy controls implementation satisfies regulations and organizational requirements and is key to…

Assessing the Operational System Risk Imposed by the Infrastructure Deployment Pipeline Workflow

Real-time data monitoring of systems and system forensics is an essential aspect to keeping your data security platform safe when relying on the use of Infrastructure as Code (IaC) and the potential vulnerabilities associated with…

Smart Cities, Smart Bases, and Secure Cloud Architecture for Resiliency by Design

Smart cities’ critical infrastructure, economy, and governance are designed to sustainably improve the well-being of residents (U.S. Government Accountability Office [GAO], 2019). Critical infrastructures, such as energy, electricity grids, communications networks, transportation, and water systems,…

Challenges in Applying the Law of Armed Conflict to Cyberwar

On June 17, 2010, a small antivirus company established in Belarus discovered the Stuxnet worm. Later research would reveal that an earlier variant of the worm existed at least a year earlier. Stuxnet reputedly caused…

Commercially Available Firewalls

This report provides an index of firewall tools as of May 2, 2011. It summarizes pertinent information, providing users a brief description of available firewall tools and contact information for each. CSIAC does not endorse,…

Commercially Available Vulnerability Assessment Tools

This report provides an index of automated vulnerability assessment tools as of May 2, 2011. It summarizes pertinent information, providing users a brief description of available automated vulnerability assessment tools and contact information for each….

Current Malware Threats and Mitigation

This report provides a brief background on what malware is; the types of malware and how they operate; recent trends in malware capabilities, behaviors, and incidents as of September 17, 2009; and what makes systems…

Ready to submit a technical inquiry?

Receive free information research on technical topics