A Holistic Approach to Cybersecurity Risk Management

No country, company, or private individual can fully utilize the benefits of information technology while protecting all of their own data, communications, or computer networks from every potential cyber threat, regardless of how much time and money they invest in protective systems. Each entity must set priorities, balance tradeoffs, and make choices about cyber protection, knowing that their choices will affect others and that others’ choices will affect them, too. Minimizing the most serious forms of cyber attack, espionage, and crime without hindering beneficial uses of information technology requires skillful multi-stakeholder governance. This project includes a set of research, education, and outreach activities to facilitate that process. 

Full project description
Jun 7, 2019 | Charles Harry

The US government’s recent efforts to ban the introduction of specific foreign IT vendors’ equipment in government networks is emblematic of the growing concern among organizational leaders posed by global supply chains, highlighting the broad interdependencies between technical and human...

Apr 9, 2019 | Nancy Gallagher, Theresa Hitchens

This article is based on the CISSM working paper of the same name, "Building Confidence in the Cybersphere: A Path to Multilateral Progress"


As use of the internet has become critical to global economic development and international security,...

Mar 3, 2019 | Nancy Gallagher, Charles Harry
Faced with rapidly growing cyber threats, organizational leaders, and government officials cannot reliably secure all data and digital devices for which they are responsible. The best they can do is conduct strategic risk management. That requires a systematic way to...
Feb 27, 2019 | Lindsay Rand

Emerging technologies, such as quantum computing, raise the stakes for onilne data exchanges and further obfuscate the risks to users. As it is, few people who exchange their data online understand modern encryption and how to ensure that a provider...