Technology allows individuals and organizations access to more comprehensive and diverse information, but this access requires that electronic information, networks, data repositories, and data transmissions be adequately safeguarded. RAND has developed a large body of research focused on recognizing the potential threats to information security and data integrity, as well as implications for personal and institutional privacy.

  • Composite image of binary code on a sunset over water by Eileen Delson La Russo/RAND, adapted from images by Agil_Leonardo, Matejmo, and Byakkaya/Getty Images


    The Life and Times of Zero-Day Software Vulnerabilities

    Mar 9, 2017

    Zero-day software vulnerabilities—security holes that developers haven't fixed or aren't aware of—can lurk undetected for years. They are useful in cyber operations and in defensive and academic settings. Whether to disclose or stockpile them is an ongoing debate.

  • Woman using smartphone and laptop with icon graphic cyber security network of connected devices and personal data security, photo by oatawa/Getty Images


    How to Help Small Businesses Deal with Cyber Threats

    Sep 15, 2017

    Small businesses are especially vulnerable to cyber threats. What can be done to provide small businesses the security to continue to prosper, while enhancing America's cybersecurity workforce and making the economy more secure?

Explore Cybersecurity

  • Graphic of digital integrated network technology


    A Close Look at Data Thieves

    What do cyberattackers do with the data they steal? And how do they monetize it? Grouping hackers by their goals, motivations, and capabilities can shed light on these questions.

    Mar 15, 2018

  • Cyber grenade


    Getting Ready to Fight the Next (Cyber) War

    Nation-states and their proxies are regularly spying and attacking in cyberspace across national borders. Western societies that are being targeted should do three things: Be less vulnerable, be able to recognize and mitigate the impact of attacks faster, and be prepared to respond in kind to all levels of offense.

    Mar 3, 2018

  • Brochure

    A focus on cybersecurity

    Cybersecurity has risen to become a prominent issue of national and global security for governments and international organisations worldwide. A focus on cybersecurity looks at the issues and details RAND Europe's expertise and work in the area.

    Feb 15, 2018

  • Autonomous vehicles on a highway


    Ensuring Cybersecurity Is Vital for a Driverless Future

    High-profile accidents involving autonomous vehicles (AVs) have led to recent discussions about the physical safety of people. However, it could be argued that consumers and manufacturers should be equally, if not more, concerned about the potential cybersecurity vulnerabilities in AVs.

    Feb 12, 2018

  • Opening Ceremony of the 2018 Winter Olympics in Pyeongchang, South Korea, February 9, 2018


    Why the 2018 Winter Olympics Are the Perfect Storm for Cyberattacks

    The Olympic Games could invite the most severe cyber threats to a major sporting event in recent years. The location of the Games and increased connectivity, both among the public and infrastructure, make them a prime target for cyberattacks.

    Feb 12, 2018

  • Brochure

    Spotlight on 2017

    RAND Europe's annual review, Spotlight on 2017, features some of the objective research and analysis we do to help policy and decision makers keep pace with an ever-changing world.

    Jan 29, 2018

  • Shiny gold Bitcoin coin with gun on black background


    Bitcoin and the Dark Web: The New Terrorist Threat?

    Bitcoin has become the prominent currency of the dark web, which is often used to buy illegal goods, such as weapons and drugs. Anecdotal evidence suggests terrorists are using cryptocurrency and the dark web, but further investigation is needed.

    Jan 22, 2018

  • A security lock symbol on computer circuit board


    Law Enforcement Cyber Center: Final Technical Report

    Cybercrime is a challenge for local and state law enforcement. The Law Enforcement Cyber Center (LECC) was established to provide a resource to combat cybercrime. This report summarizes the LECC's activities and provides recommendations.

    Jan 15, 2018

  • Report

    Estimating the Global Cost of Cyber Risk: Methodology and Examples

    This report shares a transparent and adaptable methodology for estimating present and future global costs of cyber risk. The report has a companion Excel-based modeling and simulation platform that allows users to alter assumptions.

    Jan 15, 2018

  • A composite image with hands on a keyboard and a padlock surrounded by a visualisation of a computer network


    Estimating the Global Cost of Cyber Risk Calculator

    This Excel-based modeling and simulation tool estimates present and future global costs of cyber attacks and incidents. Users can also alter assumptions to investigate a wide variety of research questions.

    Jan 15, 2018

  • Government agents tracking cybercrime


    How the Pentagon Should Deter Cyber Attacks

    Foreign hackers are not afraid to launch attacks on the United States in cyberspace that they would not dare risk in a real theater of war. As cyber aggression gets worse and more brazen, the U.S. must figure out how to deter foreign actors in cyberspace as effectively as it does in nuclear and conventional warfare.

    Jan 10, 2018

  • Conceptual image of human voice


    Fake Voices Will Become Worryingly Accurate

    New technology can convincingly fake the human voice and create security nightmares. Considering the widespread distrust of the media, institutions, and expert gatekeepers, audio fakery could start wars.

    Jan 8, 2018

  • Report

    Gaming Space: A Game-Theoretic Methodology for Assessing the Deterrent Value of Space Control Options

    This report introduces and explains a game-theoretic methodology to help decisionmakers assess the potential effects of alternative approaches to space control.

    Jan 5, 2018

  • Tool

    Defensive Space Analysis Tool (DSPAT): Version 2.0

    This manual explains how to use the Defensive Space Analysis Tool (DSPAT), which was developed to compare alternative approaches to space control in terms of their mission effectiveness, feasibility, escalation risk, and political cost.

    Jan 5, 2018

  • The new Smart concept autonomous car Vision EQ fortwo model is presented during the Frankfurt Motor Show (IAA) in Frankfurt, Germany, September 12, 2017


    Autonomous Vehicles: Terrorist Threat or Security Opportunity?

    Terrorist groups that track developments in technology could be considering using self-driving cars in place of suicide bombers or for ramming attacks. But autonomous vehicle capabilities offer a range of potential benefits to law enforcement and security operations, too.

    Jan 3, 2018

  • A child poses with a Lego Boost set, a predicted top seller this Christmas, at the Hamleys toy store in London, Britain, October 12, 2017


    Smart Toys May Pose Risks

    Parents shouldn't avoid buying smart toys during the holidays, particularly if these devices top children's Christmas lists. But parents should definitely be wary of the security and privacy risks that smart toys can pose.

    Dec 21, 2017

  • Criminal hiding behind a mask on computer screen asking the owner for money


    The WannaCry Cyber Attack Could Be the First of Many If the NHS Takes No Action

    In the UK, the National Health Service (NHS) was one of the organizations most severely affected by the WannaCry ransomware. The NHS and other public sector organizations need to improve their cybersecurity processes and quickly before a more severe cyber attack takes place.

    Dec 1, 2017

  • Computer hacker with magnifying glass


    It's Time for the International Community to Get Serious About Vulnerability Equities

    Multiple countries around the world are likely discovering, retaining and exploiting zero-day vulnerabilities without a process to properly consider the trade-offs. This needs to change. It’s time for the international community to get serious about vulnerability equities.

    Nov 15, 2017

  • Report

    The Creation of the PLA Strategic Support Force and Its Implications for Chinese Military Space Operations

    This report explores the missions and organization of China's Strategic Support Force, created in 2015 to develop and employ space capabilities, in particular launch and operation of satellites to provide C4ISR capabilities for joint operations.

    Nov 10, 2017

  • Hands typing with visual of computer code


    Equifax and the Data-Breach Era: How Worried Should We Be?

    Large-scale data breaches like those of Equifax and OPM compromised the personal data of millions of people. What can be done to improve the response to such breaches? In this October 26th congressional briefing, Lillian Ablon and Sina Beaghley address victim and lawmaker reactions, national security implications, and considerations for policymakers.

    Oct 26, 2017