Cybersecurity

Featured

Technology allows individuals and organizations access to more comprehensive and diverse information, but this access requires that electronic information, networks, data repositories, and data transmissions be adequately safeguarded. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.

  • Article

    Emerging Threats to Financial Markets

    The greatest danger to the U.S. financial system is the constant assault on reality—the deepfake videos and manipulated AI—that could weaken the system over time. It will be slow, but it will be steady and hard to stop—like financial climate change.

    May 13, 2024

  • Commentary

    Digital Security Increasingly Relies on AI. But That Tech Isn't as Secure as We Think

    In the digital age, trade-offs—like displaying our faces and fingerprints—are all but required to function in society. But the technology charged with securing our information and protecting against theft, fraud, and other potential harms doesn't always work.

    Apr 23, 2024

Explore Cybersecurity

  • News Release

    News Release

    Shortage of Cybersecurity Professionals Poses Risk to National Security

    The nationwide shortage of cybersecurity professionals -- particularly for positions within the federal government -- creates risks for national and homeland security.

    Jun 17, 2014

  • two men working in a bright office

    Report

    Shortage of Cybersecurity Professionals Poses Risk to National Security

    Demand for trained cybersecurity professionals who work to protect organizations from cybercrime is high nationwide, but the shortage is particularly severe in the federal government, which does not offer salaries as high as the private sector.

    Jun 17, 2014

  • satellite image courtesy of NOAA

    Report

    A Safe Way to Implement a Database of Satellite Anomalies

    Satellite anomalies are malfunctions caused by solar particles, cosmic rays, or even space debris. A shared database could help identify solutions to prolong the lifetime of spacecraft that experience problems, and could be implemented in a way that would protect the privacy of the satellite operators.

    Jun 2, 2014

  • hands on a computer keyboard in a dark room

    Commentary

    The Hackers' Bazaar

    Today's cyber black markets have evolved into playgrounds of financially driven, highly organized and sophisticated groups, often connected with traditional crime organizations.

    Apr 11, 2014

  • DPU Soldiers conduct cyber defense exercise

    Commentary

    Russia Hacks a U.S. Drone in Crimea as Cyberwarfare Has Gone Wireless

    For American audiences and policymakers alike, cyber activities in Crimea provide a chilling reminder that cyberspace is emerging as a 21st-century global battlefield.

    Apr 7, 2014

  • Graphic design with blue globe

    Report

    EU Institutions Need Stronger Frameworks for Information Security and Data Protection

    Many legal and policy frameworks govern the use of information and communications technology by European Union institutions and agencies. Unfortunately, they may not sufficiently account for information security and data privacy.

    Apr 1, 2014

  • News Release

    News Release

    Black Markets for Hackers Are Increasingly Sophisticated, Specialized and Maturing

    Black and gray markets for computer hacking tools, services, and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments, and individuals.

    Mar 24, 2014

  • An analyst looks at code in the malware lab of a cyber security defense lab at the Idaho National Laboratory

    Report

    Black Markets for Hackers Are Increasingly Sophisticated, Specialized, and Maturing

    Black and gray markets for computer hacking tools, services, and byproducts such as stolen credit card numbers continue to expand, creating an increasing threat to businesses, governments, and individuals.

    Mar 24, 2014

  • Report

    Report

    Achieving Higher-Fidelity Conjunction Analyses Using Cryptography to Improve Information Sharing

    Examines the applicability of secure multiparty computation (MPC) protocols as a means to compute the collision probability of two satellites (conjunction analyses) while maintaining the privacy of each operator's orbital information.

    Feb 12, 2014

  • airport security check with passenger walking through metal detector

    Commentary

    The Real Homeland Security Issues for 2014

    Americans should be able to discuss the terrorist threat and how best to meet it, how much of the country’s precious resources should be devoted to homeland security, and the impact intelligence efforts can have on personal privacy and freedom.

    Feb 5, 2014

  • Journal Article

    Journal Article

    Mapping Smart Cities in the EU

    This report was commissioned to provide background information and advice on Smart Cities in the European Union (EU) and to explain how existing mechanisms perform.

    Jan 1, 2014

  • digital globe

    Report

    Case Studies Explore Future Technology Landscapes

    Case studies explore a growing volume of primarily civil technology that can both potentially impact and be exploited as UK defense and security capabilities.

    Dec 5, 2013

  • A protester during a rally against mass surveillance near the U.S. Capitol

    Commentary

    After NSA Spying Revelations, US Must Reform Rules on Secrecy and Data

    The U.S. should make two key reforms. First, the over-designation of material as classified makes it is harder to protect the few real secrets; this must be change. Second, the FISA court must become a gatekeeper for NSA access to communications data.

    Nov 14, 2013

  • Jiuquan Satellite Launch Center, Gansu province

    Commentary

    Satellites for Rent

    Reports earlier this year that the U.S. Department of Defense leased a Chinese satellite to support military operations in Africa sparked concern that the arrangement could compromise control over U.S. military communications, or, worse, allow Chinese intelligence gatherers access to privileged military data.

    Nov 8, 2013

  • Journal Article

    Journal Article

    National-level Risk Assessments: An Analysis Report

    This report is based on a study and analysis of approaches to national-level risk assessment and threat modelling for cyber security which was conducted between April and October 2013.

    Nov 1, 2013

  • President Barack Obama shakes hands with Jeh Johnson during an announcement for Johnson to be his nominee for Secretary of Homeland Security

    Commentary

    Challenges and Opportunities Ahead for New Homeland Security Secretary

    To ensure the Department of Homeland Security makes progress in the current constrained budget environment, its new secretary must put in place a strategic perspective to guide priorities for how to address the country's most pressing problems in disaster management, immigration reform, cybersecurity, violent extremism, and nuclear terrorism.

    Oct 24, 2013

  • two binders marked top secret on a desk

    Report

    Assessing the Department of Defense's Approach to Preventing and Deterring Leaks

    The Department of Defense faces strategic obstacles in stemming disclosures. Media leaks have many causes but few feasible and effective solutions. There is a longstanding organizational culture in DoD that treats leaking classified information to the media as nearly risk-free, which suggests to some that the behavior is acceptable.

    Sep 24, 2013

  • open red cyber lock with circuitboard background

    Journal Article

    Examining Data and Security Breaches and Cyber-Security Strategies

    A review some of the provisions of the European Commission's 2013 proposals for a Network and Information Security Directive highlights specific concerns, including the relationship of incident notification achieving the outcomes of the directive, potential for overlapping regulation and definitions of covered entities.

    Sep 1, 2013

  • Network defender working at the Air Force Space Command Network Operations & Security Center at Peterson Air Force Base in Colorado Springs

    Commentary

    Don't Buy the Cyberhype

    Although the risk of a debilitating cyberattack is real, the perception of that risk is far greater than it actually is, writes Martin Libicki. In fact, a major cyberattack of the kind intelligence officials fear has not taken place in the 21 years since the Internet became accessible to the public.

    Aug 16, 2013

  • server, datacenter, computer, network, room, interior, data, center, networking, rack, hosting, internet, web, framework, farm, workstation, render, pc, tower, cluster, database, business, security, technology, mainframe, equipment, white, processor, ethernet, storage, servers, industry, connection, row, firewall, hardware, service, infrastructure, system, information, domain, host, object, terminal, telecommunication, communication, black, net, connectivity, 3d

    Report

    Stocktaking Military Cyber Defense Capabilities in the European Union

    As the stakes of cyber threats rise, the EU needs to be able to provide a consistent level of cyber defense capability across member states. This stocktaking exercise aimed to inform further action at the EU and national level.

    Jun 3, 2013