Individuals, public utilities, corporations, election systems, institutions, and social media are all vulnerable to cyberattacks and data breaches. As the number of and damage from these kinds of activities increase, how can we become more cyber resilient? Our reports examine the threats that cyberattacks pose and make recommendations to prevent, respond to, and recover from future incursions. All are free to download.
Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop
In January 2016, the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they …
Securing the Vote: Protecting American Democracy
During the 2016 presidential election, America’s election infrastructure was targeted by actors sponsored by the Russian government. Securing the Vote: Protecting American Democracy examines the challenges arising out of the 2016 federal election, …
Recoverability as a First-Class Security Objective: Proceedings of a Workshop
The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Recoverability as a First-Class Security Objective on February 8, 2018, in Washington, D.C. The workshop featured presentations …
Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop
Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape …
Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions
Attaining meaningful cybersecurity presents a broad societal challenge. Its complexity and the range of systems and sectors in which it is needed mean that successful approaches are necessarily multifaceted. Moreover, cybersecurity is a dynamic …
Guidebook on Best Practices for Airport Cybersecurity
TRB’s Airport Cooperative Research Program (ACRP) Report 140: Guidebook on Best Practices for Airport Cybersecurity provides information designed to help reduce or mitigate inherent risks of cyberattacks on technology-based …
Individuals, businesses, governments, and society at large have tied their future to information technologies, and activities carried out in cyberspace have become integral to daily life. Yet these activities – many of them drivers of economic …
Protection of Transportation Infrastructure from Cyber Attacks: A Primer
TRB’s Protection of Transportation Infrastructure from Cyber Attacks: A Primer provides transportation organizations with reference materials concerning cybersecurity concepts, guidelines, definitions, and standards. The primer is a joint product …
The Resilience of the Electric Power Delivery System in Response to Terrorism and Natural Disasters is the summary of a workshop convened in February 2013 as a follow-up to the release of the National Research Council report Terrorism …
At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues
We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, …