Technology allows individuals and organizations access to more comprehensive and diverse information, but this access requires that electronic information, networks, data repositories, and data transmissions be adequately safeguarded. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.
Research conducted by:
RAND Justice, Infrastructure, and Environment;
RAND National Security Research Division;
RAND Labor and Population;
RAND Arroyo Center;
RAND Project AIR FORCE
Featured at RAND
Cyberspace is increasingly important for economic growth, openness, and democracy, but poor cybersecurity can make governments, businesses, and individuals open to cyber attack and cyber crime. RAND Europe conducts a range of research on the topic to advise policymakers.
The U.S. should make two key reforms. First, the over-designation of material as classified makes it is harder to protect the few real secrets; this must be change. Second, the FISA court must become a gatekeeper for NSA access to communications data.
Reports earlier this year that the U.S. Department of Defense leased a Chinese satellite to support military operations in Africa sparked concern that the arrangement could compromise control over U.S. military communications, or, worse, allow Chinese intelligence gatherers access to privileged military data.
The fact is that the United States needs to gear up for the coming era of cyber threats — and start by ensuring its financial flank is not catastrophically compromised, writes Mark Sparkman.
The European Cyber Security Strategy is remarkable because it tries to co-ordinate policy across three areas whose competences and mandates were formerly very separate: law enforcement, the 'Digital Agenda', and defence, security, and foreign policy, writes Neil Robinson.
While the opening of the EC3 at Europol, in line with our first-choice scenario, is very welcome, our study uncovered a range of risks that the EC3 will need to confront if it is to tackle cybercrime in a more coordinated and effective manner, writes Neil Robinson.
Innovative approaches are needed to break the current stalemate of information sharing and to build a solid and reliable evidence base on the state of cyber-security, writes Neil Robinson.
The highly sophisticated Stuxnet computer worm suspected of sending Iran's nuclear centrifuges into self-destruction mode forces a difficult debate on whether longstanding firewalls in our country's democracy should be breached for the sake of national security, writes Isaac Porche.
In the future, the EU will inevitably have to adjust its system of rules to cope with the evolving uses of personal data, globalization and international data flows, write Neil Robinson and Lorenzo Valeri.
RFID Security in the Workplace: Perk or Privacy?, in the Security World International.
Published commentary by RAND staff: President Obscured the Case for Spying, in the San Francisco Chronicle.