Periodic updates to Congress on RAND's work in terrorism and homeland security | Web version

Follow OCR on Twitter
May 2015

Terrorism and
Homeland Security

Highlights

Information-sharing is not the only answer to cybersecurity ... How does the government continue to support rebuilding after Hurricane Sandy?

Featured Research

Information-Sharing is Not a Panacea

A man accesses data from a computer

Tomasz Zajda/Fotolia

President Obama recently announced initiatives to improve cybersecurity through information-sharing, and the House just passed two bills to address this issue. But is information-sharing enough to keep companies and government institutions safe from threats in cyberspace?

Martin Libicki, senior management scientist for the RAND Corporation, recently testified on the subject before the House Homeland Security Committee. Libicki explained that information-sharing can and should be an important element in efforts to ensure that defenders learn from each other faster than attackers learn from each other, and the fact that attackers do learn from each other is a finding from research that RAND conducted for a report released last year on cybercrime markets.

However, the current legislative proposals represent an enormous amount of political energy dedicated to what is actually a narrowly focused solution to the problem of cybersecurity. Instead, a much broader approach is required. The usefulness of threat-based information-sharing rests on assumptions about the nature of the threat itself:

  1. A sufficient share of all serious attacks comes from specific black-hat hacker groups and each carry out enough attacks over a period of time so that their modus operandi can be characterized.
  2. Each attacker group generates a consistent set of signatures that recur in multiple attacks (and that can be used reliably by defenders to distinguish their attacks from benign activity).
  3. These signatures are detectable by organizations interested in sharing.
  4. Such signatures will not evolve (enough) over time—even if information-sharing became so widespread that the failure to evolve would make it too hard for hacker groups to penetrate and compromise networks.

Such assumptions would have to be largely or totally true before the value of establishing an information-sharing apparatus can justify the effort to operate it, persuade organizations to contribute to it, and offset the residual risks to privacy that such information transfer may entail.

So while information-sharing can address some issues, policymakers might consider other options such as bug bounty programs or isolation standards for critical physical infrastructure. Unfortunately, quelling the nation's cybersecurity problems is a complex, multi-faceted endeavor not subject to a silver bullet.

Sharing Information About Threats Is Not a Cybersecurity Panacea »

Markets for Cybercrime Tools and Stolen Data: Hackers' Bazaar »

Other RAND research on information security »

Evaluating the Hurricane Sandy Rebuilding Task Force's Infrastructure Resilience Guidelines

A bulldozer is parked in the Queens borough of New York where a concrete foundation is all that remains of a house that burned to the ground during Superstorm Sandy

Mark Lennihan/AP

Although accounts of the devastation wrought by Hurricane Sandy in October 2012 have largely faded from the news, many communities on the East Coast are still in the process of rebuilding using federal dollars. How have federal agencies tried to support rebuilding in a way that enhances infrastructure resilience? RAND examined this issue after Hurricane Sandy motivated the federal government to consider how it might improve community and infrastructure resilience so that communities are better prepared for existing and future threats, including those exacerbated by climate change.

To ensure that federal agencies incorporate key principles of resilience into their formulation, evaluation, and prioritization of infrastructure investments related to Sandy rebuilding, the Presidential Hurricane Sandy Rebuilding Task Force developed its Infrastructure Resilience Guidelines in the spring and summer of 2013, and RAND conducted an initial assessment of federal agencies' implementation of the guidelines to identify the lessons learned from the opportunities and challenges encountered when implementing the guidelines.

There were a few key findings; overall, the guidelines were viewed as reflecting worthy resiliency principles that merit broader pursuit, even before a disaster has taken place.

The Hurricane Sandy Rebuilding Task Force's Infrastructure Resilience Guidelines »

Other RAND research on community resilience »

Twitter »

Follow OCR on Twitter

RAND Congressional @RAND_OCR

Want to know about #Nepal beyond the quake? @JonahBlank reflects on the country's economy, politics, and culture: n.pr/1Ekjzqt

RAND Congressional @RAND_OCR

@SethGJones: Since terrorist groups secure $ from many sources, you need a wide range of tools that target them. on.rand.org/M8zgh

RAND Congressional @RAND_OCR

Many of the current DoD approaches to risk & risk mgmt could stand an overhaul, says Michael Mazarr: ow.ly/Mep0J

RAND Congressional @RAND_OCR

"There has been no major terrorist organization in the world that has been defeated by #drones." - @SethGJones ow.ly/MbgEf

RAND Congressional Resources Staff

Jayme Fuglesten
Director, Office of Congressional Relations

Laura Patton
Terrorism and Homeland Security Legislative Analyst

RAND Office of Congressional Relations
(703) 413-1100, ext. 5395
www.rand.org/congress

Subscriptions

To unsubscribe, please write to ocr@rand.org or call (703) 413-1100, ext. 5776.

Members of Congress and staff may receive a free copy of RAND reports by writing to ocr@rand.org or calling (703) 413-1100, ext. 5395.

RAND can also provide briefings, research assistance, testimony, and other services to Congressional offices.

Sign up for other RAND Congressional Newsletters and Alerts

Learn More

For 40 years, RAND has been a world leader in terrorism research and analysis. For more information, visit www.rand.org/topics/terrorism-and-homeland-security.

Get Weekly Updates from RAND

Policy Currents Newsletter

Subscribe to the weekly RAND Policy Currents newsletter and stay on top of important research and analysis on today's most pressing issues. Policy Currents provides highlights of new research findings, commentary, multimedia, and events.

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis.

Follow RAND

Privacy statement | Email ocr@rand.org to unsubscribe | Manage your email subscriptions

RAND Corporation

RAND Corporation. 1776 Main Street, Santa Monica, CA 90401-3208.
RAND® is a registered trademark.