Critical Infrastructure Protection

Featured

Every nation has an obligation to protect essential government, financial, energy, transportation, and other critical infrastructure operations against terrorist activities and natural disasters. RAND addresses homeland security and critical infrastructure needs through objective research that assists national, state, and local agencies in preventing and mitigating terrorist activities, as well as in improving disaster preparedness, response, and recovery.

  • A K-9 police unit keeps watch as passengers make their way through Ronald Reagan Washington National Airport, photo by Kevin Lamarque/Reuters

    Commentary

    Improving Domestic Security to Combat Today's Terrorist Threats

    Jan 30, 2015

    Today, the U.S. confronts a multilayered terrorist threat and the recent spate of attacks in Europe underscores the necessity for ensuring that intelligence keeps up with it. Intelligence services must continue to prevent terrorist assaults dispatched from abroad, head off new shoe and underwear bombers, intercept individuals returning from jihadist fronts with terrorist intentions, while at the same time uncovering and thwarting homegrown plots.

  • AP367654238051-1

    Report

    Lessons Learned from Implementing Infrastructure Resilience Guidelines

    Dec 9, 2014

    The Presidential Hurricane Sandy Rebuilding Task Force developed guidelines to ensure that federal agencies incorporate key principles of resilience into their formulation, evaluation, and prioritization of infrastructure investments related to Sandy rebuilding. An initial assessment of the implementation of the guidelines identifies opportunities and challenges.

Explore Critical Infrastructure Protection

  • U.S. Defense Secretary Ash Carter meets with Chinese Gen. Fan Changlong, vice chairman of China's Central Military Commission, at the Pentagon, June 11, 2015

    Commentary

    OPM Hack Poses Overlooked Counterintelligence Risk for Economic Espionage

    Since discovering the theft of personal data from an OPM database last spring, government officials have been preoccupied with assessing the risks to national security. But they must also address its potential to enable an adversary to steal valuable economic and commercial information.

    Feb 1, 2016

  • Department of Homeland Security researchers work at the Idaho National Laboratory in Idaho Falls, April 28, 2010

    Tool

    A Framework for Programming and Budgeting for Cybersecurity

    When defending an organization, cybersecurity professionals must choose from a large set of defensive measures while operating with a limited set of resources. What is the menu of actions for defending against an attack? And how can defenders navigate the selection process?

    Jan 20, 2016

  • Genetically modified organism: wheat under microscope

    Project

    Assessing the Impact of Specific Measures Aimed at Increasing Transparency and Engagement in the EFSA Risk Assessment ...

    The European Food Safety Authority (EFSA) commissioned RAND Europe to assess the potential impacts of implementing a set of measures designed improve transparency and openness.

    Jan 19, 2016

  • A flying police car hovers past city buildings

    Essay

    How Will Technology Change Criminal Justice?

    In perhaps no other field does society have as direct a stake in getting technology right as in policing. How will technology change the work that law enforcement agencies do and the communities they serve?

    Jan 7, 2016

  • Journal Article

    Cloud-Trust—a Security Assessment Model for Infrastructure as a Service (IaaS) Clouds

    The vulnerability of Cloud Computing Systems (CCSs) to Advanced Persistent Threats (APTs) is a significant concern to government and industry.

    Dec 23, 2015

  • Financial system representation

    Report

    The National Security Implications of Virtual Currency

    Could a non-state actor deploy a virtual currency to disrupt sovereignty and increase its political or economic power? How might a government or organization successfully disrupt such a deployment?

    Dec 16, 2015

  • Politics, US , Politics

    Testimony

    Jihadist Conspirators in the United States

    A review of how terrorists arrived in the United States in the past can help the government prioritize its efforts and resources. But it may not be a reliable indicator of how terrorist organizations could attempt to bring violence to America in the future.

    Dec 10, 2015

  • Internet of Things graphic

    Commentary

    Keeping Hackers Away from Your Car, Fridge, and Front Door

    In the ever-growing Internet of Things, attackers already outpace the defenders. If developing solutions for software liability doesn't become more of a priority, there may be no winning this technological war.

    Dec 7, 2015

  • Dissertation

    Improving Energy Security for Air Force Installations

    Develops a methodology and tool that will allow installation commanders and energy managers the ability to evaluate the cost and effectiveness of various energy investment options.

    Nov 23, 2015

  • Close-up view on white conceptual keyboard - European Union (key with flag)

    Report

    Exploring Cybersecurity Threats and Policy Responses in the EU and Beyond

    Existing cybersecurity measures in the EU are fragmented, largely due to gaps in operational capabilities as well as strategic priorities of Member States. However, there are many policy options that may improve the EU's overall cybersecurity approach.

    Nov 18, 2015

  • A U.S. Air Force airman works at the 561st Network Operations Squadron, which executes defensive cyber operations

    Commentary

    The Two Sides of Cybersecurity

    Securing government networks is certainly necessary, but authorities should not lose sight of the need to couple their defense of America's networks with appropriate resources dedicated to combatting criminal, terrorist, and other threats in cyberspace.

    Nov 13, 2015

  • Journal Article

    Deterrence, Influence, Cyber Attack, and Cyberwar

    This study uses a simple model to speculate about whether deterrence can be a significant part of dealing with special features of the cyber attack challenge, and distinguishing different classes and contexts of cyber threats.

    Nov 13, 2015

  • Volkswagen CEO Matthias Mueller gives a tour of the VW factory in Wolfsburg, Germany, October 21, 2015

    Commentary

    When Public Trust in Corporations Is Shaken

    The Volkswagen scandal comes at a time when the public's trust in both the automotive industry and tech companies is at risk. The level of public trust in an individual organization could end up burnishing — or infecting — an entire industry or new technology.

    Oct 28, 2015

  • Research Brief

    Cybersecurity of Air Force Weapon Systems: Ensuring Cyber Mission Assurance Throughout a System's Life Cycle

    Discusses how the Air Force acquisition/life-cycle management community can improve cybersecurity throughout the life cycle of Air Force weapon systems.

    Oct 27, 2015

  • An F-15 flying over Nevada during a USAFWS Mission Employment Exercise

    Report

    Improving the Cybersecurity of U.S. Air Force Weapon Systems

    U.S. Air Force weapon systems containing information technology may be vulnerable to intelligence exploitation and cyberattacks. But there are steps that the Air Force can take to improve the security of these systems throughout their life cycles.

    Oct 27, 2015

  • Malware phishing data concept

    Commentary

    Social Engineering Explained: The Human Element in Cyberattacks

    The human element is the most unpredictable factor in cybersecurity. A social engineer aims to make people do what they want or give the social engineer information, often without the person considering the negative consequences.

    Oct 20, 2015

  • A person looking at top secret files with a magnifying glass

    Commentary

    Defining a New Paradigm for Government Secrecy

    Technology has afforded the U.S. national security apparatus incredible capabilities, along with equally monumental challenges and risks. The government has the option to choose whether to adjust by taking a proactive approach or to allow external forces to determine the future of its secrets.

    Oct 13, 2015

  • Joint service and civilian personnel concentrate on exercise scenarios during "Cyber Guard 2015."

    Testimony

    Perspective on 2015 DoD Cyber Strategy

    The DoD's cyber strategy is aligned with its mission, but there will be challenges to implementation—including building and maintaining a capable workforce, assessing risk across DoD networks and systems, and planning for operations.

    Sep 29, 2015

  • U.S. President Barack Obama and Chinese President Xi Jinping shake hands following a joint news conference in the Rose Garden at the White House in Washington September 25, 2015

    Commentary

    Define Acceptable Cyberspace Behavior

    While a U.S.-China cyberspace agreement is a welcome step, it also underscores the greater issues facing the United States and the international community in this largely ungoverned space. A precondition for securing U.S. networks should be the development of an overarching cyber doctrine that defines acceptable behavior and allows the U.S. to defend its networks against threats.

    Sep 27, 2015

  • congressional-podcast-teaser-highres

    Multimedia

    Lessons from a Hacker: Cyber Concepts for Policymakers

    In this September 14th congressional briefing, Lillian Ablon discusses the basics of cyber and information security and provides insights into some of the complexities of cybersecurity policymaking. Topics include why software vulnerabilities are significant, the components of cyber risk beyond the threat, motivations of various cyber threats actors, and what they exploit.

    Sep 14, 2015

  • Topic Synonyms:
  • CIP