October is Cybersecurity Awareness Month | Web version

Follow OCR on Twitter
October 28, 2014

Homeland Security

October is Cybersecurity Awareness Month

Computer keyboard with data protection key

Photo by ashka2000/Fotolia

As reports of new credit card data breaches and private photo leaks hit the news, policymakers and private companies are scrambling to determine how to make financial data and private information more secure. There are numerous Congressional proposals that have addressed this issue, although few have gained broad consensus.

The RAND Corporation has research and experts in the U.S. and Europe available to provide insights into cybersecurity proposals. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy. Topics include national security, cyberdeterrence, risk analysis, the potential for establishing cybercrime centers, information-sharing, and aspects of cloud computing.

Hackers Wanted: An Examination of the Cybersecurity Labor Market

Two men working on computers

Photo by nyul/Fotolia

There is a general perception that there is a shortage of cybersecurity professionals within the United States -- and a particular shortage of these professionals within the federal government -- working on national security as well as intelligence. Shortages of this nature complicate efforts to secure the nation's networks and may leave the United States ill-prepared to respond to conflict in cyberspace. RAND researchers recommend waiving civil service rules that impede the hiring of talented cybersecurity professionals, maintaining government hiring of these professionals (even during sequestrations), funding software licenses and related equipment for educational programs, refining tests to identify candidates likely to succeed in these careers, and developing methods to attract women into the field.

Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar

An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory

Photo by Jim Urquhart/Reuters

The continued expansion of black and gray markets for computer hacking tools, services and products such as stolen credit card numbers creates an increasing threat to businesses, governments and individuals. The RAND study exposes the characteristics of the cybercrime black markets by revealing the different types of players involved and how they coordinate and act as a "business," with additional consideration given to botnets and their role in the black markets, and "zero-day" vulnerabilities (software bugs that are unknown to vendors and without a software patch). Researchers also examine various projections and predictions for how these cybercrime black markets may evolve.

Hackerazzi: How Naked Celebrities Might Make the Cloud Safer

Oscar-winning actress Jennifer Lawrence has contacted authorities to investigate who stole and posted nude images of her online, part of a reported mass hacking of celebrities' intimate photos

Photo by Adrees Latif/Reuters

Hackerazzis have been around for the better part of the last decade, stealing nude or otherwise private photos of celebrities and circulating them on the Internet for fun and profit. So the August 2014 news of the theft and leak of yet more intimate pictures of dozens of famous personalities is no surprise. However, this latest theft is different because of where the batch of hacked photos resided and the underlying questions about cloud security posed by this hack attack, says RAND researcher Lillian Ablon in a post on the RAND blog.

Experts Available:

Martin Libicki, Senior Management Scientist
Lillian Ablon, Researcher
Issac R. Porche, Senior Engineer

Please don't hesitate to contact me at (703) 413-1100, ext. 5423 or Laura_Patton@rand.org if you would like additional information from RAND, would like to speak to a researcher, or have any questions.

Sincerely,
Laura

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis.

Follow RAND Facebook Twitter Google+
RSS RAND Mobile App

Privacy statement | Email ocr@rand.org to unsubscribe | Manage your subscriptions

RAND Corporation

RAND Corporation. 1776 Main Street, Santa Monica, CA 90401-3208.
RAND® is a registered trademark.