Critical Infrastructure Protection

Every nation has an obligation to protect essential government, financial, energy, transportation, and other critical infrastructure operations against terrorist activities and natural disasters. RAND addresses homeland security and critical infrastructure needs through objective research that assists national, state, and local agencies in preventing and mitigating terrorist activities, as well as in improving disaster preparedness, response, and recovery.

  • Report

    Improving Turkish-Iraqi Border Security: An Agent-Based Modeling and Simulation Approach

    Analyzes several policy options that could help increase border security by reducing militant actions from safe havens in foreign territory, focusing on a section of the Turkish-Iraqi border that is particularly difficult to protect.

    Dec 23, 2014

  • Illustrated photo of a person typing on a computer keyboard

    Commentary

    Preventing Cyber Attacks: Sharing Information About Tor

    While Tor has many benefits, it is also used to hide criminal activity online such as the recent cyber attacks against JPMorgan Chase and Sony Pictures. The U.S. government should share the IP addresses of Tor network nodes with U.S. critical infrastructure and financial firms so that future cyber attacks could be prevented.

    Dec 17, 2014

  • North Korean leader Kim Jong-un guides a takeoff and landing drill on a highway airfield in this undated photo released by North Korea's Korean Central News Agency in Pyongyang, October 19, 2014

    Commentary

    How Should the U.S. Respond to the Sony Hack?

    North Korea is likely testing the United States and its cyber community to see where vulnerabilities may exist. So this is not just an issue of how Sony Pictures responds—this is an issue of how the United States responds.

    Dec 11, 2014

  • A bulldozer is parked in the Queens borough of New York where a concrete foundation is all that remains of a house that burned to the ground during Superstorm Sandy in October 2012

    Report

    Lessons Learned from Implementing Infrastructure Resilience Guidelines

    The Presidential Hurricane Sandy Rebuilding Task Force developed guidelines to ensure that federal agencies incorporate key principles of resilience into their formulation, evaluation, and prioritization of infrastructure investments related to Sandy rebuilding. An initial assessment of the implementation of the guidelines identifies opportunities and challenges.

    Dec 9, 2014

  • Richard Danzig, Adm. Michael S. Rogers, and Michael E. Leiter at RAND's Politics Aside 2014

    Blog

    Setting Standards for Cyber Security

    Developing international norms and standards about appropriate cyber security activity by nations, groups, and even individuals is key to governing online activity in the future, said NSA Director Adm. Michael S. Rogers during a panel discussion at RAND's Politics Aside event.

    Nov 14, 2014

  • Server room in data center

    Commentary

    Putting the Brussels House in Order: Why Data Protection Frameworks in EU Institutions and Agencies Are Not Fit for Purpose

    EU institutions and agencies urgently need to revisit the frameworks that govern data privacy in their own houses if they want to keep pace with some of the latest trends in corporate information and communication technology (ICT) delivery and use, such as cloud computing or the consumerisation of ICT ('bring your own device').

    Oct 23, 2014

  • Tinker Air Force Base Computing Center

    Report

    Cost Considerations in Cloud Computing

    Until the Department of Defense develops official guidance for cost analysis of cloud and data centers, examining cost drivers for several data management approaches can help guide DoD analysts.

    Oct 2, 2014

  • Graphic design with blue globe

    Project

    Examining the EU's Information Security and Data Protection Frameworks

    Has Brussels put its own house in order when it comes to information security and data privacy? RAND Europe research suggests that the EU institutions and agencies should review the rules that govern their information security and data privacy procedures if they want to be ahead of the ICT innovation curve.

    Sep 22, 2014

  • Testimony

    Strategic Planning for Border Security: Addendum

    Document submitted on September 18, 2014 as an addendum to testimony presented before the House Science, Space, and Technology Committee, Subcommittee on Research and Technology and Subcommittee on Oversight on July 31, 2014.

    Sep 18, 2014

  • Oscar-winning actress Jennifer Lawrence has contacted authorities to investigate who stole and posted nude images of her online, part of a reported mass hacking of celebrities' intimate photos

    Commentary

    Hackerazzi: How Naked Celebrities Might Make the Cloud Safer

    Despite data breach after data breach that lays bare the personal information of millions of people, leading to only incremental changes by the hacked company, it seems it only takes a handful of celebrity nude selfies to bring issues like cloud security and multi-factor authentication to the fore causing immediate changes.

    Sep 8, 2014

  • Two boys sitting on a couch playing video games, photo by Sean Davis/Fotolia

    Report

    Living Room Connected Devices: Opportunities, Security Challenges, and Privacy Implications

    The "Internet-connected living room" poses security and privacy implications for industry and consumers, offering potential benefits as well as threats associated with the technical capabilities of living room connected devices.

    Sep 2, 2014

  • Report

    Ramifications of DARPA's Programming Computation on Encrypted Data Program

    RAND was asked to evaluate whether the Programming Computation on Encrypted Data program -- which expands the knowledge base of the global cryptographic community -- is likely to provide more benefits to the United States than it does to its global rivals.

    Aug 25, 2014

  • Report

    RAND Review: Vol. 38, No. 2, Summer 2014

    The cover story discusses the rising wave of cybercrime and possible responses to it, while other features highlight research on medical innovation and U.S. security cooperation, plus public policy insights from Victor Hugo.

    Aug 7, 2014

  • A sheriff walks toward the cyber horizon.

    Periodical

    RAND Review Takes Measure of Cybercrime, Medical Innovation, U.S. Security Cooperation

    Stories in RAND's flagship magazine discuss the duel between cybercrime and the law, the gamble of medical innovation, and the fruits of U.S. security cooperation.

    Aug 7, 2014

  • A sheriff walks toward the cyber horizon.

    Periodical

    Wild Wild Web: For Now, Cybercrime Has the Upper Hand in Its Duel with the Law

    The Internet has become a vast untamed territory for cybercriminals. But there are ways that private companies, defense contractors, law enforcement, and other government agencies can minimize the harmful influence of cyber black markets.

    Aug 7, 2014

  • U.S. Capitol building with summer flowers

    Blog

    Summer Reading for Congress

    No matter how policymakers spend their break—meeting with home-state constituents, traveling abroad with congressional delegations, or spending time with family—this summer reading list contains policy ideas that can help them hit the ground running when they return.

    Jul 31, 2014

  • Chain link fence protecting American border

    Testimony

    Getting Smarter About Border Security Strategy, Data, and Technology Infrastructure

    There is no single solution for border security challenges. However, a network of mutually reinforcing and even redundant layers of defenses can enable the U.S. to better control its borders.

    Jul 31, 2014

  • Airline passengers wait in line before passing through a TSA checkpoint at LAX

    Commentary

    TSA's Cellphone Rule Part of Deadly Race

    While placing explosives inside a cellphone is plausible, it is almost impossible to do so with iPhones without rendering them non-functional, which is why the TSA is now checking cell phones are actually working.

    Jul 29, 2014

  • car interior with a dashboard computer

    Commentary

    Sounding the Car Alarm on Hackers

    Security protections on vehicles have not kept pace with systems that control safety features, navigation capabilities, and wireless communication functions. Onboard computer networks will likely become much more attractive to hackers.

    Jun 30, 2014

  • Report

    How Do We Know What Information Sharing Is Really Worth? Exploring Methodologies to Measure the Value of Information Sharing and Fusion Efforts

    This report discusses the challenges of evaluating information-sharing efforts that seek to achieve multiple goals simultaneously; reviews past evaluations of information-sharing programs; and lays out a path to improving the evaluation of such efforts.

    Jun 18, 2014

  • Topic Synonyms:
  • CIP