Critical Infrastructure Protection

Featured

Every nation has an obligation to protect essential government, financial, energy, transportation, and other critical infrastructure operations against terrorist activities and natural disasters. RAND addresses homeland security and critical infrastructure needs through objective research that assists national, state, and local agencies in preventing and mitigating terrorist activities, as well as in improving disaster preparedness, response, and recovery.

  • Sign that says Fort Bragg, Home of the Airborne and Special Operations Forces, photo by U.S. Army

    Report

    How to Protect Army Installations from Emerging Threats

    Nov 10, 2020

    Emerging technologies such as drones, 5G communications, smart city systems, and the use of social media disinformation by adversaries all pose potential threats to U.S. Army bases. A new framework can help assess possible solutions and the resources required to defend against these threats.

  • Cyber warfare operators monitor cyber attacks at Warfield Air National Guard Base, Middle River, MD, December 2, 2017, photo by J.M. Eddins Jr./U.S. Air Force

    Commentary

    How the Military Might Expand Its Cyber Skills

    Apr 22, 2021

    The U.S. military will need to improve its software fluency if it wants to be dominant on the battlefields of the future. Ensuring that future leaders in the military develop cyber skills and the ability to interface with technical experts may be increasingly important.

Explore Critical Infrastructure Protection

  • Testimony

    Managing September 12th in Cyberspace

    "The U.S., while worried about a '9/11 in cyberspace,' also ought to worry about what a '9/12 in cyberspace' would look like," warns Martin C. Libicki in testimony presented before the House Foreign Affairs Committee, Subcommittee on Europe, Eurasia, and Emerging Threats on March 21, 2013. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 21, 2013

  • Red network cables

    Testimony

    Managing September 12th in Cyberspace

    The U.S., while worried about a "9/11 in cyberspace," also ought to worry about what a "9/12 in cyberspace" would look like. The consequences of the reaction to a cyberattack could be more serious than the consequences of the original action itself.

    Mar 20, 2013

  • Globe and computer keyboard

    Commentary

    What Is an Act of Cyberwar? It's a Decision, Not a Conclusion

    Perhaps making war can persuade the attacker to stop. Yet, war also risks further disruption, great cost, as well as possible destruction and death—especially if matters escalate beyond cyberspace, writes Martin Libicki.

    Mar 4, 2013

  • Satellite image of the United States at night

    Report

    Capabilities-Based Planning Can Enhance Energy Security at DoD Installations

    Energy security strategies are needed because DoD installations rely on the U.S. commercial electricity grid which is vulnerable to disruption from natural hazards and actor-induced outages, such as physical or cyber attacks.

    Feb 20, 2013

  • Migrant workers load cucumbers into a truck in Blackwater, Virginia

    Commentary

    Is Enforcement Key to Fixing America's Immigration System?

    The current debate regarding comprehensive immigration reform offers an opportunity to redesign the worksite immigration enforcement system to achieve more efficient enforcement with better intelligence on where undocumented workers are employed, say Andrew Morral and Peter Brownell.

    Feb 15, 2013

  • President Barack Obama's State of the Union address on Capitol Hill in Washington, February 12, 2013

    Blog

    The State of the Union 2013

    The 2013 SOTU address will be remembered for its impassioned call for greater gun control just two months after Sandy Hook. But President Obama's second-term agenda can be characterized by its sheer breadth, reflecting the broad range of policy challenges facing the U.S. today.

    Feb 13, 2013

  • digital globe with data orbits

    Commentary

    The European Cyber Security Strategy: Too Big to Fail?

    The European Cyber Security Strategy is remarkable because it tries to co-ordinate policy across three areas whose competences and mandates were formerly very separate: law enforcement, the 'Digital Agenda', and defence, security, and foreign policy, writes Neil Robinson.

    Feb 8, 2013

  • The towns of Nogales, Ariz., left, and Nogales, Mexico, stand separated by a high concrete and steel fence

    Commentary

    Legalization and Border Security: Are We There Yet?

    The White House and a bipartisan group of senators recently unveiled proposals for comprehensive immigration reform. The proposal raises a number of questions, says Peter Brownell: How would success in securing the border actually be determined? Would it mean absolutely zero unauthorized immigration across U.S. borders?

    Feb 7, 2013

  • digital globe

    Report

    Analysis of Cyber Threats Informs Swedish Strategy

    How do governments characterize cyber threats and what role does law enforcement play in tackling cyber crime in different countries? These are some of the questions RAND Europe investigated on behalf of the Swedish National Defence College to inform the development of the Swedish Cyber Security Strategy.

    Feb 5, 2013

  • At a rally, two women hold signs calling for immigration reform.

    Blog

    Potential Path to Citizenship for Undocumented Immigrants Takes Shape

    A group of U.S. Senators this week unveiled a proposal to reform the nation's immigration laws, outlining a path to citizenship for most of the nation's estimated 11 million undocumented immigrants and endorsing an increase of certain types of foreign-born workers.

    Jan 31, 2013

  • Armed Islamist fighters race near the Mauritania-Mali border

    Commentary

    The Motivations Behind the Amenas Terrorist Attack

    An attack of this complexity would have required months of reconnaissance, planning, recruiting of inside confederates, and training of participants. France's intervention in Mali was used to “justify” an attack that would likely have taken place anyway, writes Brian Michael Jenkins.

    Jan 29, 2013

  • Commentary

    Opening of the European Cybercrime Centre — a Journey Begins

    While the opening of the EC3 at Europol, in line with our first-choice scenario, is very welcome, our study uncovered a range of risks that the EC3 will need to confront if it is to tackle cybercrime in a more coordinated and effective manner, writes Neil Robinson.

    Jan 11, 2013

  • Running a test in a U.S. Air Force cyber lab

    Blog

    A Cybercrisis Is Inevitable — and Manageable

    The United States can manage a cybercrisis by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise.

    Jan 9, 2013

  • Binary code and laptops

    Commentary

    A Matter of Degree: Who Can Authorize a Cyberattack?

    Understanding when the United States should engage in cyberwar and who should approve cyberattacks requires understanding that cyberwar has multiple personalities: operational, strategic, and that great gray area in-between, writes Martin Libicki.

    Jan 8, 2013

  • a huge demonstration marched to the federal palace to protest against the draft constitution and the constitutional decree announced by President Mohamed Morsi

    Commentary

    The Mirage of the Arab Spring

    Like it or not, the United States counts among its allies a number of authoritarian Arab countries, and they are essential partners in protecting its interests, writes Seth G. Jones. The normative hope that liberal democracy may flourish in the future must be balanced by the need to work with governments and societies as they exist today.

    Jan 3, 2013

  • Report

    Report

    Cybercrises Can Be Managed with Multiple Strategies

    The chances are growing that the United States will find itself in a crisis in cyberspace. Such crises can be managed by taking steps to reduce the incentives for other states to step into crisis, by controlling the narrative, understanding the stability parameters of the crises, and trying to manage escalation if conflicts arise from crises.

    Jan 3, 2013

  • internet of things tag cloud

    Report

    Examining Europe's Policy Options to Foster Development of the 'Internet of Things'

    The Internet of Things (IoT) may challenge conventional business, market, policy and societal models. This research aims to inform a consistent European policy stance capable of fostering a dynamic and trustworthy IoT that meets these challenges.

    Dec 31, 2012

  • digital globe

    Commentary

    Cyber Operations Can Supplement a War, but They Cannot Be the War

    The U.S. military, with its high-tech systems, must protect itself from cyber threats with much the same careful management that protects it against vulnerabilities associated with, say, explosives. But there can be no choice between boots on the ground and fingers on a keyboard, writes Martin Libicki.

    Dec 19, 2012

  • The Harbor Police K-9 Team explosive detection canine perform a search on luggage at San Diego International Airport

    Commentary

    More Secure or Less Free?

    It is not surprising that people report a willingness to trade convenience, money, and liberty for security. Legal precedent reinforces that decreased civil liberties may be accepted when confronting existential threats with demonstrably effective security—to a point, writes Henry H. Willis.

    Dec 17, 2012

  • Commentary

    Fake Boarding Pass Fears Inflated

    Instead of ratcheting back the PreCheck program because of manufactured fears about security lapses, TSA should be encouraged to expand this program to more airlines, more airports and more infrequent travelers, write Jack Riley and Lily Ablon.

    Dec 12, 2012

  • Topic Synonyms:
  • CIP

Research conducted by