top of page
Copy of Copy of Untitled.png

Cyber Event Self-Reporting (CESR) 

The Cyber Event Self-Reporting (CESR) project is a DCA community project that has been created to test the impact of highly-granular data ownership controls on the self-reporting and sharing of data incident information.

PROJECT BACKGROUND

As the social and economic impact of data over-exposure become more fully understood, there is an increasing recognition that more effective self-reporting and collaboration on incident data is required in order to mitigate the negative consequences for citizens and organizations.

However,  there are currently few public systems that enable organizations to quickly capture and securely collaborate on their cyber incident data.

Another Court Says Data Breach Investigation Report Is Fair Game

Survey: Nearly 3 in 4 Organizations Suffered Data Breaches Due to Phishing

Data breaches cost surveyed companies $4.24 million per incident on average; highest in 17-year report history

Biden signs an executive order aimed at protecting critical American infrastructure from cyberattacks.

US Senate mulling bill on data breach notifications

New Connecticut breach notification requirements and cybersecurity safe harbor effective October 2021

PROJECT GOALS

The goal of this research project is to design a Cyber Event Self-Reporting System (CESR) prototype that simplifies data management, protects anonymity, and offers granular access controls all within a Zero-Copy Integration data management environment.

​

The prototype will be shared with a test group of cyber reporting stakeholders to determine its potential to support more frequent reporting, faster reporting times, and increased collaboration with data.

  • Simplified data entry / data automation

  • User credential verification

  • Granular and universal access controls

  • Anonymity (organizational)

  • Zero-Copy Integration for building new solutions:

    • Internal use cases

    • Cross-organizational use cases (preserving anonymity)

  • Data deletion/the right to be forgotten

  • Precision auditability of data usage reporting

PROJECT OBSERVERS

The CESR project team invites input and advice from cyber security, consumer protection, and trade organizations. 

SAMPLE SOLUTIONS

The project will identify the types of systems and actionable intelligence that would result from collaboration on anonymized incident data.

Alert Systems
Pattern Analysis
Consumer Apps
desktop.png
data browser_2x.png
apps.png
chatbot.png

UNIVERSAL ACCESS CONTROLS

The CESR Collab will test the impact of owner-defined, universally-enforced data access controls.
VIEW, ADD, EDIT
CUSTODIANSHIP
Data owners are able to control which internal users and groups can view, add, or edit their data at the level of table, row, column, or even down to the individual cell of a given record.
QUERY
Data owners can grant/revoke query access to their de-identified data to enable 3rd parties for build new solutions. No copies of data are generated in this process and all access controls are retained.
Data owners can assign temporary "control of the controls" to internal users or groups in order to assist in data incident reporting and data collaboration. This custodianship can be revoked at any time.
DELETION
A benefit of the 'Zero-Copy Integration' environment is that data owners are able to fulsomely delete their information at any time, giving them a true right to be forgotten with no copies left unaacounted.

PROJECT METHODOLOGY

  1. Formulate question 
  2. Conduct research
  3. Formulate hypothesis
  4. Make prediction
  5. Design experiment
  6. Evaluate results
  7. Report results

GET INVOLVED

The DCA community is free to join and we welcome data privacy, data protection, data law, data compliance, UX, IT, and tech startup professionals to join us in support of meaningful data ownership and global Collaborative Intelligence.

bottom of page