October is National Cybersecurity Awareness Month. Recent technological advances have placed heightened importance on the development of a safer and more secure cyberspace. How can we improve cybersecurity and best prevent cyberattacks? Our reports reinforce the importance of strengthening our computer and communications systems and networks, and recommend strategies for future research.
Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions
Attaining meaningful cybersecurity presents a broad societal challenge. Its complexity and the range of systems and sectors in which it is needed mean that successful approaches are necessarily multifaceted. Moreover, cybersecurity is a dynamic process involving human attackers who continue to …
Securing the Vote: Protecting American Democracy
During the 2016 presidential election, America’s election infrastructure was targeted by actors sponsored by the Russian government. Securing the Vote: Protecting American Democracy examines the challenges arising out of the 2016 federal election, assesses current technology and standards for …
Decrypting the Encryption Debate: A Framework for Decision Makers
Encryption protects information stored on smartphones, laptops, and other devices – in some cases by default. Encrypted communications are provided by widely used computing devices and services – such as smartphones, laptops, and messaging applications – that are used by hundreds of millions of …
Recoverability as a First-Class Security Objective: Proceedings of a Workshop
The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Recoverability as a First-Class Security Objective on February 8, 2018, in Washington, D.C. The workshop featured presentations from several experts in industry, research, and …
Cryptographic Agility and Interoperability: Proceedings of a Workshop
In May 2016, the National Academies of Sciences, Engineering, and Medicine hosted a workshop on Cryptographic Agility and Interoperability. Speakers at the workshop discussed the history and practice of cryptography, its current challenges, and its future possibilities. This publication …
Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop
Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a …
Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop
In January 2016, the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they discussed possible new mechanisms for better …
Individuals, businesses, governments, and society at large have tied their future to information technologies, and activities carried out in cyberspace have become integral to daily life. Yet these activities – many of them drivers of economic development – are under constant attack from …
At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues
We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. …