Cyber Committee White Papers

AFCEA Committees bring together the top thought leaders to collaborate on issues of national and global importance. Often a subject is addressed that evolves into a white paper for distribution to higher levels, including government and military leadership. The following represent the work of the AFCEA Cyber Committee. A list of additional AFCEA white papers is also available.


The U.S. Cybersecurity Industrial Base and National Security

This white paper conveys to U.S. national security policy makers and decision makers observations and recommendations regarding the nation's cybersecurity industrial base and this sector's ability to support and strengthen the national security of the United States.



Cyber Insurance

The Cyber Insurance Subcommittee of AFCEA International's Cyber Committee concluded cyber insurance is useful in risk transference but with some important caveats. For example, a purchase decision is contingent on individual company circumstances, such as revenue, risk tolerance, board guidance and regulatory environment relative to protected categories of information. In addition, every purchase decision should be critically reviewed regarding the extent of exclusions to coverage in each policy. The subcommittee also concluded that it remains in the indeterminate future whether cyber insurance underwriters routinely will begin to discount premiums for businesses that implement sound security countermeasures.


Measuring Security: Making Sense out of a Modern-Day Tower of Babel


Despite obvious and compelling needs for ways to measure security, AFCEA’s Cyber Committee found that there is no consensus about how to measure security. To the contrary, its members found that the security metrics are all over the map with most organizations admitting in confidential discussions that they are not comfortable with the metrics they are using.


Big Data Analytics and Cybersecurity: Three Challenges, Three Opportunities

This paper recommends research and development the government and private sector can conduct regarding ways in which big data analytics can secure complex networks and environments. It also recommends enhanced, enterprise-level security regarding big data environments. Finally, it recommends stronger efforts by the Intelligence Community to understand how adversaries may be using big data analytics to understand the United States and craft courses of action that affect national interests.


Key Cyber Issues and Recommendations: A Way Forward

Given the breakneck speed of technological change, challenges associated with developing/issuing national policy and concomitant adversary capabilities, government often finds itself behind the curve with respect to coordinated cybersecurity readiness and response. 

Public/Private Information Sharing

 There is a high level of frustration that the enemy is moving at unprecedented speeds, and it is unlikely that public policy can change fast enough to adapt and morph at the necessary speed to mitigate the impact of our attackers. 

Recommended Implementation Strategies for a National Cyber Information Sharing Initiative

This paper addresses recommendations for implementation strategies that should be pursued in implementing the provisions of the executive order (EO) on information sharing1. However, the committee believes that a successful implementation of the EO requires an appropriate context for these efforts as well as a framework that could be used to define success.

Recommended Context and Framework for a National Cyber Information Sharing Initiative

 This paper provides recommendations for establishing the standards and implementation of an effective National Information Sharing Infrastructure.


Driving Cybersecurity Awareness HOME!

In the cyber environment, some realities defy dispute. First, the cybersecurity challenge is pervasive and growing with an ever-evolving range of threats. Second, no one wants to be a victim of cyber crime or a cyber attack, but many people, businesses, and organizations simply do not know how to dissuade cyber intruders. 

Security Implications of the Internet of Things

Once we, as individual consumers, introduce the IoT into our families and lives, we allow machine-tomachine interactions on our behalf. This changes legal and liability issues and, in some cases, introduces a series of grey areas yet to be defined.


The Science of Security: A Survey and Analysis

Cyber Intelligence Sharing

The Economics of Cybersecurity: A Practical Framework for Cybersecurity Investment

The Economics of Cybersecurity Part II: Extending the Cybersecurity Framework

The Future of Internet Governance: Can the Current Model Support the New Economics of the Internet?


Critical Infrastructure: Electric Power

Insider Threat: Protecting U.S. Business Secrets and Sensitive Information

Secure Mobility


Cyber Assured Identity

Looking for the Right Answers in the Clouds

Security and Cloud Computing

Security Risks of Not Migrating to IPV6

Supply Chain Risk Management


Additional AFCEA White Papers