Cybersecurity

Featured

Technology allows individuals and organizations access to more comprehensive and diverse information, but this access requires that electronic information, networks, data repositories, and data transmissions be adequately safeguarded. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.

  • Blue and red cables transmitting data signals, image by Alexey Novikov/Adobe Stock

    Report

    Response Options to Cyberattacks on U.S. Government Networks

    The United States has proved vulnerable to cyber incidents, and a lack of response has emboldened Russia and China to expand their cyber espionage activities. Have U.S. responses changed over time or affected adversary behavior? What lessons do these cases offer for future policymaking?

    Apr 29, 2022

  • Blue binary code and blue swirling lines, photo by metamorworks/Getty Images

    Report

    Preparing for Post-Quantum Critical Infrastructure

    Quantum computers are expected to create vulnerabilities in critical infrastructure. How vulnerable are critical functions, such as distributing electricity and protecting sensitive information? And how can the government help infrastructure owners and operators?

    Aug 18, 2022

Explore Cybersecurity

  • Brochure

    A focus on cybersecurity

    Cybersecurity has risen to become a prominent issue of national and global security for governments and international organisations worldwide. A focus on cybersecurity looks at the issues and details RAND Europe's expertise and work in the area.

    Feb 15, 2018

  • Opening Ceremony of the 2018 Winter Olympics in Pyeongchang, South Korea, February 9, 2018

    Commentary

    Why the 2018 Winter Olympics Are the Perfect Storm for Cyberattacks

    The Olympic Games could invite the most severe cyber threats to a major sporting event in recent years. The location of the Games and increased connectivity, both among the public and infrastructure, make them a prime target for cyberattacks.

    Feb 12, 2018

  • Autonomous vehicles on a highway

    Commentary

    Ensuring Cybersecurity Is Vital for a Driverless Future

    High-profile accidents involving autonomous vehicles (AVs) have led to recent discussions about the physical safety of people. However, it could be argued that consumers and manufacturers should be equally, if not more, concerned about the potential cybersecurity vulnerabilities in AVs.

    Feb 12, 2018

  • Brochure

    Spotlight on 2017

    RAND Europe's annual review, Spotlight on 2017, features some of the objective research and analysis we do to help policy and decision makers keep pace with an ever-changing world.

    Jan 29, 2018

  • Shiny gold Bitcoin coin with gun on black background

    Commentary

    Bitcoin and the Dark Web: The New Terrorist Threat?

    Bitcoin has become the prominent currency of the dark web, which is often used to buy illegal goods, such as weapons and drugs. Anecdotal evidence suggests terrorists are using cryptocurrency and the dark web, but further investigation is needed.

    Jan 22, 2018

  • Report

    Report

    Estimating the Global Cost of Cyber Risk: Methodology and Examples

    This report shares a transparent and adaptable methodology for estimating present and future global costs of cyber risk. The report has a companion Excel-based modeling and simulation platform that allows users to alter assumptions.

    Jan 15, 2018

  • A composite image with hands on a keyboard and a padlock surrounded by a visualisation of a computer network

    Tool

    Estimating the Global Cost of Cyber Risk Calculator

    This Excel-based modeling and simulation tool estimates present and future global costs of cyber attacks and incidents. Users can also alter assumptions to investigate a wide variety of research questions.

    Jan 15, 2018

  • A security lock symbol on computer circuit board

    Report

    Law Enforcement Cyber Center: Final Technical Report

    Cybercrime is a challenge for local and state law enforcement. The Law Enforcement Cyber Center (LECC) was established to provide a resource to combat cybercrime. This report summarizes the LECC's activities and provides recommendations.

    Jan 15, 2018

  • Government agents tracking cybercrime

    Commentary

    How the Pentagon Should Deter Cyber Attacks

    Foreign hackers are not afraid to launch attacks on the United States in cyberspace that they would not dare risk in a real theater of war. As cyber aggression gets worse and more brazen, the U.S. must figure out how to deter foreign actors in cyberspace as effectively as it does in nuclear and conventional warfare.

    Jan 10, 2018

  • Conceptual image of human voice

    Commentary

    Fake Voices Will Become Worryingly Accurate

    New technology can convincingly fake the human voice and create security nightmares. Considering the widespread distrust of the media, institutions, and expert gatekeepers, audio fakery could start wars.

    Jan 8, 2018

  • The new Smart concept autonomous car Vision EQ fortwo model is presented during the Frankfurt Motor Show (IAA) in Frankfurt, Germany, September 12, 2017

    Commentary

    Autonomous Vehicles: Terrorist Threat or Security Opportunity?

    Terrorist groups that track developments in technology could be considering using self-driving cars in place of suicide bombers or for ramming attacks. But autonomous vehicle capabilities offer a range of potential benefits to law enforcement and security operations, too.

    Jan 3, 2018

  • A child poses with a Lego Boost set, a predicted top seller this Christmas, at the Hamleys toy store in London, Britain, October 12, 2017

    Commentary

    Smart Toys May Pose Risks

    Parents shouldn't avoid buying smart toys during the holidays, particularly if these devices top children's Christmas lists. But parents should definitely be wary of the security and privacy risks that smart toys can pose.

    Dec 21, 2017

  • Criminal hiding behind a mask on computer screen asking the owner for money

    Commentary

    The WannaCry Cyber Attack Could Be the First of Many If the NHS Takes No Action

    In the UK, the National Health Service (NHS) was one of the organizations most severely affected by the WannaCry ransomware. The NHS and other public sector organizations need to improve their cybersecurity processes and quickly before a more severe cyber attack takes place.

    Dec 1, 2017

  • Computer hacker with magnifying glass

    Commentary

    It's Time for the International Community to Get Serious About Vulnerability Equities

    Multiple countries around the world are likely discovering, retaining and exploiting zero-day vulnerabilities without a process to properly consider the trade-offs. This needs to change. It’s time for the international community to get serious about vulnerability equities.

    Nov 15, 2017

  • Trading information about Equifax and the company logo are displayed on a screen on the floor of the New York Stock Exchange, September 8, 2017

    Commentary

    The Equifax Breach: Yawn, or Yikes?

    In cases where personal information is exposed, such as the Equifax data breach, it is critical that consumers take steps to ensure their information is not abused. The simplest and perhaps the most effective way to enhance personal digital security is to protect account credentials using password management software.

    Nov 3, 2017

  • Hands typing with visual of computer code

    Multimedia

    Equifax and the Data-Breach Era: How Worried Should We Be?

    Large-scale data breaches like those of Equifax and OPM compromised the personal data of millions of people. What can be done to improve the response to such breaches? In this October 26th congressional briefing, Lillian Ablon and Sina Beaghley address victim and lawmaker reactions, national security implications, and considerations for policymakers.

    Oct 26, 2017

  • Periodical

    Periodical

    RAND Review: November-December 2017

    This issue highlights recent RAND research on post-9/11 military caregivers; RAND-Lex, a computer program built at RAND that can analyze huge data sets of text; and the implications of climate change on Arctic cooperation.

    Oct 19, 2017

  • Credit cards, a chain, an open padlock, and a computer keyboard are visible next to the Equifax logo

    Commentary

    Equifax and the Data-Breach Era

    The personal and financial data of almost 146 million U.S. consumers has been compromised by the Equifax breach, the latest in a long line of high-profile hacks. Do consumers worry enough about such breaches? And what options are available to Congress?

    Oct 18, 2017

  • Tool

    Tool

    Roadmap to Succeed in the Open for the National Geospatial-Intelligence Agency's Human Development Directorate

    This tool provides the National Geospatial-Intelligence Agency's Human Development Directorate with a roadmap for how employees can overcome the hurdles to achieving the agency's missions outside of secure and classified environments.

    Sep 26, 2017

  • Woman using smartphone and laptop with icon graphic cyber security network of connected devices and personal data security

    Commentary

    How to Help Small Businesses Deal with Cyber Threats

    Small businesses are especially vulnerable to cyber threats. What can be done to provide small businesses the security to continue to prosper, while enhancing America's cybersecurity workforce and making the economy more secure?

    Sep 15, 2017