OECD (2012) Cybersecurity Policy Making at a Turning Point.
 Obama, B. (2013) Executive Order—Improving Critical Infrastructure Cybersecurity.
 National Institute of Standards and Technology (NIST) (2014) Framework for Improving Critical Infrastructure Cybersecurity.
 Trump, D. (2017) Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.
 Gordon, L.A., Loeb, M.P. and Lucyshyn, W. (2014) Cybersecurity Investments in the Private Sector: The Role of Governments. Georgetown Journal of International Affairs, International Engagement on Cyber IV, 79-88.
 Gordon, L.A., Loeb, M.P., Lucyshyn, W. and Zhou, L. (2015) The Impact of Information Sharing on Cybersecurity Underinvestment: A Real Options Perspective. Journal of Accounting and Public Policy, 34, 509-519.
 Filkins, B. (2016) IT Security Spending Trends. SANS Institute, Bethesda, MD, 1-23.
 The Senate and House of Representatives of the United States of America (2002) Sarbanes-Banes Oxley Act.
 U.S. Securities and Exchange Commission (2011) SEC Disclosure Guidance: Topic No. 2.
 C-SPAN (2017) Equifax Senate Banking Committee Hearing on Equifax Data Breach.
 Gartner, Inc. (2017) Gartner Says Detection and Response is Top Security Priority for Organizations in 2017.
 Gordon, L.A., Loeb, M.P., Lucyshyn, W. and Richardson, R. (2006) CSI/FBI Computer Crime and Security Survey. Computer Security Institute, San Francisco, CA.
 PwC (2017) Strengthening Digital Society against Cyber Shocks: Key Findings from the Global State of Information Security Survey 2018.
 EY (2017) EY’s 19th Global Information Security Survey 2016-17.
 Ponemon Institute (2017) 2017 Cost of Cyber Crime Study: Insights on the Security Investments that Make a Difference.
 U.S. Government (1996) Health Insurance Portability and Accountability Act (HIPPA).
 Fanelli, B., Pessanha, R., Gwiazdowski, A., Chng-Castor, A. and Auger, A. (2017) 2017 State of Cybersecurity among Small Businesses in North America. Better Business Bureau.
 Armed Forces Communications and Electronics Association (AFCEA) (2013) The Economics of Cybersecurity: A Practical Framework for Cybersecurity Investment.
 Gordon, L.A. and Loeb, M.P. (2011) You May Be Fighting the Wrong Security Battles. The Wall Street Journal.
 Palin, A. (2013) Maryland Professors Weigh Up Cyber Risks. The Financial Times.
 Gordon, L.A., Loeb, M.P. and Lucyshyn, W. (2003) Sharing Information on Computer Systems: An Economic Analysis. Journal of Accounting and Public Policy, 22, 461-485.
 Gordon, L.A., Loeb, M.P., Lucyshyn, W. and Sohail, T. (2006) The Impact of the Sarbanes-Oxley Act on the Corporate Disclosures of Information Security Activities. Journal of Accounting and Public Policy, 25, 503-530.
 C-SPAN (2014) Target and Neiman Marcus Cybercrime and Privacy Congressional Hearing.
 Malcolm, H. (2014) Target Breach Helps Usher in New World of Data Security.