Download eBook for Free

FormatFile SizeNotes
PDF file 1.3 MB

Use Adobe Acrobat Reader version 10 or higher for the best experience.


Purchase Print Copy

 FormatList Price Price
Add to Cart Paperback74 pages $22.50 $18.00 20% Web Discount

When defending an organization against cyberattacks, cybersecurity professionals are faced with the dilemma of selecting from a large set of cybersecurity defensive measures while operating with a limited set of resources with which to employ the measures. Engaging in this selection process is not easy and can be overwhelming. Furthermore, the challenge is exacerbated by the fact that many cybersecurity strategies are presented as itemized lists, with few hints at how to position a given action within the space of alternative actions. This report aims to address these difficulties by explaining the menu of actions for defending an organization against cyberattack and recommending an approach for organizing the range of actions and evaluating cybersecurity defensive activities.

Table of Contents

  • Chapter One


  • Chapter Two

    Core Concepts

  • Chapter Three

    Ring 2

  • Chapter Four

    Ring 3

  • Chapter Five

    Using This Work

  • Chapter Six


The study was sponsored by Program, Analysis, and Evaluation (PA&E) of the Office of the Chief Financial Officer, DHS and conducted in the RAND Homeland Security and Defense Center(HSDC), a joint center of two research divisions: RAND Justice, Infrastructure, and Environment and the RAND National Security Research Division.

This report is part of the RAND Corporation Tool series. RAND tools may include models, databases, calculators, computer code, GIS mapping tools, practitioner guidelines, web applications, and various toolkits. All RAND tools undergo rigorous peer review to ensure both high data standards and appropriate methodology in keeping with RAND's commitment to quality and objectivity.

This document and trademark(s) contained herein are protected by law. This representation of RAND intellectual property is provided for noncommercial use only. Unauthorized posting of this publication online is prohibited; linking directly to this product page is encouraged. Permission is required from RAND to reproduce, or reuse in another form, any of its research documents for commercial purposes. For information on reprint and reuse permissions, please visit

The RAND Corporation is a nonprofit institution that helps improve policy and decisionmaking through research and analysis. RAND's publications do not necessarily reflect the opinions of its research clients and sponsors.