Information Security

Featured

Technology allows individuals and organizations access to more comprehensive and diverse information, but this access requires that electronic information, networks, data repositories, and data transmissions be adequately safeguarded. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.

  • Composite image of binary code on a sunset over water

    Report

    The Life and Times of Zero-Day Software Vulnerabilities

    Mar 9, 2017

    Zero-day software vulnerabilities—security holes that developers haven't fixed or aren't aware of—can lurk undetected for years. They are useful in cyber operations and in defensive and academic settings. Whether to disclose or stockpile them is an ongoing debate.

  • A graphic representing an accelerating future

    Article

    Can Humans Survive a Faster Future?

    May 1, 2018

    Life is moving faster and faster. Just about everything—transportation, weapons, the flow of information—is accelerating. How will decisionmakers preserve our personal and national security in the face of hyperspeed?

Explore Cybersecurity

  • A car dashboard computer

    Commentary

    Learning to Stop Worrying and Love the Internet of Things

    Late last month, Fiat Chrysler recalled 1.4 million cars to fix a defect that allowed hackers to imperil drivers from afar. In essence, what was considered a huge threat was converted into a solved or at least solvable problem.

    Aug 4, 2015

  • Testimony

    Strategies for Defending U.S. Government Networks in Cyberspace: Addendum

    Document submitted on July 31, 2015 as an addendum to testimony presented before the House Homeland Security Committee, Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies on June 24, 2015.

    Aug 3, 2015

  • Congressional Briefing Podcast

    Multimedia

    Strategic Rethink: Choices for America in a Turbulent World

    In this July 2015 Congressional Briefing, Ambassador James Dobbins discusses the report he coauthored with Howard Shatz and David Ochmanek, Choices for America in a Turbulent World. This is the first paper in the "Strategic Rethink" project, in which RAND researchers examine the most consequential choices that are likely to face this president and the next.

    Jul 24, 2015

  • Glowing globe

    Project

    The RAND Strategic Rethink Project

    The RAND Strategic Rethink project explores important strategic questions facing the United States, producing a guide for policymakers, citizens, educators, and the media on the most critical global choices and challenges facing the country.

    Jul 23, 2015

  • News Release

    With Upcoming 2016 Election, Global Power Shifts Will Face the Next U.S. President

    Chaos in the Middle East, Russian intervention, Chinese assertiveness in the South China Sea, climate change, and a decline in U.S. military readiness have raised questions about how America envisions its role in a turbulent geopolitical environment. Nevertheless, the world is not falling apart and these difficulties are not beyond the United States' ability to manage.

    Jul 23, 2015

  • World map, connected people icons, and binary code

    Commentary

    War on the Web

    While the U.S. Cyber Command is preparing the nation's defenses for the coming ramp-up in cyberwarfare-like attacks, the messages spread instantly by hordes of attackers through social media may not be receiving the attention they deserve.

    Jul 23, 2015

  • World puzzle

    Report

    Choices for America in a Turbulent World

    Today, the United States faces no existential threat. Rather, it confronts an unusually wide and diverse array of challenges. What strategic choices does it have in dealing with these challenges—and tomorrow's?

    Jul 23, 2015

  • Anti-government protesters at the site of clashes with riot police in Kiev on January 25, 2014

    Commentary

    Reports of Global Disorder Have Been Greatly Exaggerated

    Deterring Russia, channeling growing Chinese power, and working with others to dismantle the Islamic State are daunting challenges—but not greater than rebuilding post-World War II Europe, containing the Soviet Union, ending the Cold War, and promoting democratic governance throughout much of the modern world.

    Jul 22, 2015

  • Identify theft illustration

    Commentary

    U.S. Needs a New Electronic Identity-Protection Strategy to Prevent 'Hybrid Warfare' Attacks

    The U.S. government needs to develop a strategy to protect its citizens that includes a unique identifying number or code and a method for protecting these identity keys in online transactions.

    Jul 6, 2015

  • News Release

    Internet Freedom Software Tools Developed by the United States Do Not Facilitate Cybercrime

    Software tools created by the U.S. State Department to encourage the free flow of information online and on mobile phone networks are not likely to be used by criminals to pursue illegal activities. While some have the potential to be used for illicit purposes, there are numerous alternative technologies that are better suited.

    Jun 30, 2015

  • A smartphone is used to photograph a Red Shirt rally in Bangkok, Thailand

    Report

    Internet Freedom Software Tools Do Not Facilitate Cybercrime

    Software tools created by the U.S. State Department to encourage the free flow of information online and on mobile phone networks are not likely to be used by criminals to pursue illegal activities. While some have the potential to be used for illicit purposes, there are alternative technologies that are better suited.

    Jun 30, 2015

  • Network hub and cable

    Testimony

    Strategies for Defending U.S. Government Networks in Cyberspace

    Hackers, including state and non-state actors, are continuing to find opportunities to penetrate U.S. government networks. Defending these networks will require a systems approach.

    Jun 24, 2015

  • Report

    Issues with Access to Acquisition Data and Information in the Department of Defense: Executive Summary

    This report identifies the problems and challenges associated with sharing unclassified information within the U.S. Department of Defense and investigates the role of policies and practices associated with such sharing.

    Jun 12, 2015

  • News Release

    Companies Are Making Cybersecurity a Greater Priority, but Hackers Still May Be Gaining

    While worldwide spending on cybersecurity is close to $70 billion a year and growing, many chief information security officers believe that hackers may gain the upper hand in two to five years, requiring a continual cycle of development and implementation of stronger and more innovative defensive measures.

    Jun 10, 2015

  • An information security illustration superimposed over a businesswoman holding a tablet

    Report

    Companies Are Prioritizing Cybersecurity, but Hackers Still May Be Gaining

    While spending on cybersecurity is $70 billion a year and growing, many chief information security officers believe that hackers may gain the upper hand in two to five years, requiring a continual cycle of development and implementation of stronger and more innovative defensive measures.

    Jun 10, 2015

  • Report

    Ensuring U.S. Air Force Operations During Cyber Attacks Against Combat Support Systems: Guidance for Where to Focus Mitigation Efforts

    RAND researchers developed a process for prioritizing functions and information systems in assessing mission assurance under cyber attack, a challenge due to the number of systems, range of vulnerabilities, and variety of combat support functions.

    May 29, 2015

  • Events @ RAND Audio Podcast

    Multimedia

    Is Bipartisan National Security Policy Possible in Today's Political Environment?

    Should the United States make a nuclear deal with Iran? What threat do cyber attacks pose to our nation? Should there be intelligence reform? In this Events @ RAND podcast, Mike Rogers speaks to these and other timely national security issues.

    Apr 21, 2015

  • Hand touching tablet behind social media diagram and map

    Commentary

    The Clash of Internet Civilizations: Why Neither Side Should Prevail

    The debate over net neutrality pits two opposing philosophies against each other — one pushing for the continued evolution of the Internet as an open information superhighway, the other asserting that the Internet's evolution needs to take more account of the many ways it is and will be used.

    Apr 10, 2015

  • Eye and technology display

    Report

    Training Cyber Warriors: Lessons from Defense Language Training

    To ensure the U.S. Department of Defense has sufficient numbers of skilled cyber workers, it may need to develop additional training approaches as it plans for broader recruiting and workforce management. Examining how DoD handles foreign language training yields lessons that could be applied to cyber training.

    Mar 16, 2015

  • Network diagram with a lock

    Commentary

    The High Cost of Hacks

    The cyber insurance industry can play a critical role in informing corporations about effective security controls, monitoring the use of those controls, and therefore help reduce the probability and magnitude of breaches. But it may be squandering this opportunity.

    Mar 9, 2015