Tag Archives: computer science

Resources to Understand and Improve Cybersecurity

The SolarWinds cyberhack announced earlier this month is a potent reminder that despite considerable investments of resources and intellect, cybersecurity continues to pose serious challenges to national security, business performance, and public well-being. Cybersecurity is a dynamic process involving human attackers who continue to adapt. Responding requires sustained attention to the cybersecurity posture of individuals, firms, and government and involves both efforts to more effectively and more widely use what is known about improving cybersecurity and efforts to develop new knowledge about cybersecurity. Our titles explore preparedness, response and recovery from cyberattack. All are free to download.

Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop

Implications of Artificial Intelligence for Cybersecurity: Proceedings of a Workshop

In recent years, interest and progress in the area of artificial intelligence (AI) and machine learning (ML) have boomed, with new applications vigorously pursued across many sectors. At the same time, the computing and communications technologies on which we have come to rely present serious …[more]

Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies

Update of Security 101: A Physical Security and Cybersecurity Primer for Transportation Agencies

Since 2009, when NCHRP’s last Security 101 report was released, there have been significant advances in transportation security approaches, including new strategies, programs, and ways of doing business that have increased the security of …[more]

Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions

Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions

Attaining meaningful cybersecurity presents a broad societal challenge. Its complexity and the range of systems and sectors in which it is needed mean that successful approaches are necessarily multifaceted. Moreover, cybersecurity is a dynamic process involving human attackers who continue to …[more]

Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop

Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop

In 2017, researchers discovered a vulnerability in microprocessors used in computers and devices all over the world. The vulnerability, named Spectre, combines side effects from caching and speculative execution, which are techniques that have been used for many years to increase the speed at …[more]

Recoverability as a First-Class Security Objective: Proceedings of a Workshop

Recoverability as a First-Class Security Objective: Proceedings of a Workshop

The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Recoverability as a First-Class Security Objective on February 8, 2018, in Washington, D.C. The workshop featured presentations from several experts in industry, research, and …[more]

Securing the Vote: Protecting American Democracy

Securing the Vote: Protecting American Democracy

During the 2016 presidential election, America’s election infrastructure was targeted by actors sponsored by the Russian government. Securing the Vote: Protecting American Democracy examines the challenges arising out of the 2016 federal election, assesses current technology and standards for …[more]

Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop

Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop

Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a …[more]

Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop

Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop

In January 2016, the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they discussed possible new mechanisms for better …[more]

Guidebook on Best Practices for Airport Cybersecurity

Guidebook on Best Practices for Airport Cybersecurity

TRB’s Airport Cooperative Research Program (ACRP) Report 140: Guidebook on Best Practices for Airport Cybersecurity provides information designed to help reduce or mitigate inherent risks of cyberattacks on technology-based systems.

Traditional IT infrastructure such as servers, …[more]

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. …[more]

Professionalizing the Nation's Cybersecurity Workforce?: Criteria for Decision-Making

Professionalizing the Nation’s Cybersecurity Workforce?: Criteria for Decision-Making

Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Decision-Making considers approaches to increasing the professionalization of the nation’s cybersecurity workforce. This report examines workforce requirements for cybersecurity and the segments and job functions in …[more]

Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy

Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation’s important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity defense measures, it is natural to …[more]

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

The United States is increasingly dependent on information and information technology for both civilian and military purposes, as are many other nations. Although there is a substantial literature on the potential impact of a cyberattack on the societal infrastructure of the United States, …[more]

Data Breach and Ransomware Attacks: Enhancing Resiliency and Safety

This week, a third-party medical billing collections company, American Medical Collection Agency, announced that they had experienced a data breach, exposing the personal and financial information of nearly 20 million LabCorp and Quest Diagnostics customers. At the same time, the City of Baltimore and the Philadelphia city court online system are struggling to respond and recover from ransomware attacks.

Breaches and attacks can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Beyond financial loss, the impacts of these actions can threaten personal reputations, national security, and even the safety of children.

Our publications discuss urgent issues related to the resilience of the nation’s computing and communications systems, including the Internet, commercial systems, and other critical infrastructures. All are free to read online or download.

Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop

In January 2016, the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Data Breach Aftermath and Recovery for Individuals and Institutions. Participants examined existing technical and policy remediations, and they discussed possible new mechanisms for better …

[more]

Beyond Spectre: Confronting New Technical and Policy Challenges: Proceedings of a Workshop

In 2017, researchers discovered a vulnerability in microprocessors used in computers and devices all over the world. The vulnerability, named Spectre, combines side effects from caching and speculative execution, which are techniques that have been used for many years to increase the speed at …

[more]

Recoverability as a First-Class Security Objective: Proceedings of a Workshop

The Forum on Cyber Resilience of the National Academies of Sciences, Engineering, and Medicine hosted the Workshop on Recoverability as a First-Class Security Objective on February 8, 2018, in Washington, D.C. The workshop featured presentations from several experts in industry, research, and …

[more]

Enhancing the Resilience of the Nation’s Electricity System

Americans’ safety, productivity, comfort, and convenience depend on the reliable supply of electric power. The electric power system is a complex “cyber-physical” system composed of a network of millions of components spread out across the continent. These components are owned, operated, …

[more]

Securing the Vote: Protecting American Democracy

During the 2016 presidential election, America’s election infrastructure was targeted by actors sponsored by the Russian government. Securing the Vote: Protecting American Democracy examines the challenges arising out of the 2016 federal election, assesses current technology and standards for …

[more]

Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop

Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a …

[more]

Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions

Attaining meaningful cybersecurity presents a broad societal challenge. Its complexity and the range of systems and sectors in which it is needed mean that successful approaches are necessarily multifaceted. Moreover, cybersecurity is a dynamic process involving human attackers who continue to …

[more]

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues

We depend on information and information technology (IT) to make many of our day-to-day tasks easier and more convenient. Computers play key roles in transportation, health care, banking, and energy. Businesses use IT for payroll and accounting, inventory and sales, and research and development. …

[more]

Professionalizing the Nation’s Cybersecurity Workforce?: Criteria for Decision-Making

Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Decision-Making considers approaches to increasing the professionalization of the nation’s cybersecurity workforce. This report examines workforce requirements for cybersecurity and the segments and job functions in …

[more]

Perspectives on Higher Education for the New Academic Year

21st century careers require highly skilled workers with strong technical knowledge as well as the ability to solve problems, think creatively, work collaboratively and function as lifelong learners. Recent National Academies studies dive into some of today’s most urgent higher education issues. We asked the Study Directors of each of the publications featured below to highlight actionable recommendations for universities and other stakeholders.

 

“The number of bachelor’s degrees awarded nationally in computer and information science and support services has surged in recent years, increasing by 74 percent between 2009 and 2015, compared to a 16 percent increase in bachelor’s degrees overall. At the same time, interest in computer science courses among majors and non-majors alike has also grown, reflecting the increasing importance of CS skills across disciplines and occupational fields, and in daily life. This report explores the drivers of and potential strategies for responding to this increased demand, noting that there is no one-size-fits-all solution. Academic institutions should respond with urgency to the current demand while planning for the future role of CS institution-wide, taking deliberate actions to support diversity in their programs.” — Emily Grumbling, Study Officer

Assessing and Responding to the Growth of Computer Science Undergraduate Enrollments

The field of computer science (CS) is currently experiencing a surge in undergraduate degree production and course enrollments, which is straining program resources at many institutions and causing concern among faculty and administrators about how best to respond to the rapidly growing demand. …

[more]

 

“The U.S. system of graduate education for science, technology, engineering, and mathematics (STEM) has long served as an international gold standard by preparing researchers to advance the frontiers of discovery. Given major global challenges such as the rapid innovations in the conduct of research, the role of STEM in the workforce and the economy, and the increasingly diverse backgrounds of students seeking advances degrees, how prepared is the system of graduate education to respond to these changes? The report Graduate STEM Education for the 21st Century calls for cultural change in academic research, which requires adjusting the incentive systems driven in large part by federal and state funding agencies. The incentives often lack alignment with the ideal, student-centric vision of graduate education called for by the committee, which includes support for diverse, equitable, and inclusive learning environments; a system that provides training for mentors and advisors; time and resources for broad career exploration; and increased mental health services. The committee addressed these critical issues, as well as drawing attention to the need for increased data collection in and research on graduate STEM education programs, and provided a series of recommendations to ensure that all stakeholders in the system understand their role in driving change.” — Layne Scherer, Study Officer

Graduate STEM Education for the 21st Century

The U.S. system of graduate education in science, technology, engineering, and mathematics (STEM) has served the nation and its science and engineering enterprise extremely well. Over the course of their education, graduate students become involved in advancing the frontiers of discovery, as …

[more]

 

“The ‘Branches from the Same Tree’ study explored the impact on students of educational approaches that integrate the humanities and arts with science, engineering, and medicine in higher education. The title of the study is based on a quote from Albert Einstein in which he describes the unity of human knowledge, stating ‘all religions, arts, and sciences are branches from the same tree.’ The study committee found that integrative educational approaches are associated with positive student learning outcomes, including increased critical thinking abilities, higher-order thinking and deeper learning, content mastery, problem solving, teamwork and communication skills, improved visuospatial reasoning, and general engagement and enjoyment of learning. The committee found an incredible groundswell of enthusiasm for integrative educational approaches and catalogued over 200 interdisciplinary, transdisciplinary, and multidisciplinary programs and courses at a diverse array of colleges and universities.” — Ashley Bear, Study Officer

The Integration of the Humanities and Arts with Sciences, Engineering, and Medicine in Higher Education: Branches from the Same Tree

In the United States, broad study in an array of different disciplines —arts, humanities, science, mathematics, engineering— as well as an in-depth study within a special area of interest, have been defining characteristics of a higher education. But over time, in-depth study in a major …

[more]

 

“There is a growing concern that the biomedical research enterprise, for all of its many strengths, is beset by several core challenges that undercut its vitality, promise, and productivity and that could diminish its critical role in the nation’s health and innovation in the biomedical industry. This is not a new problem – in fact, reports addressing vulnerabilities in the biomedical research workforce have been issued over the last two decades. The committee for the Next Generation Researchers Initiative investigated conclusions from these earlier reports and identified several impediments to progress over the years. A key impediment has been an absence of shared responsibility for the biomedical research system. Many stakeholders in the system tend to hold the federal government responsible for this system, placing blame for failures at the feet of NIH, the principal funder of biomedical research. Doing so, however, obscures the important role that other organizations, particularly universities, must play in developing and implementing solutions. The committee therefore offered several recommendations specifically for universities, as well as a mechanism for shared oversight of the system.” — Lida Beninson, Study Officer

The Next Generation of Biomedical and Behavioral Sciences Researchers: Breaking Through

Since the end of the Second World War, the United States has developed the world’s preeminent system for biomedical research, one that has given rise to revolutionary medical advances as well as a dynamic and innovative business sector generating high-quality jobs and powering economic output …

[more]

 

“More than 50% of female faculty and staff in higher education and between 20-50% of female students have experienced sexual harassment. Even when the sexual harassment consists of sexist insults or crude behavior, without any unwanted sexual attention or sexual coercion, it can undermine women’s professional and educational attainment and mental and physical health. To stop the pattern of harassing behavior from impacting the next generation of women, a change to the culture and climate in colleges and universities is needed. This report reviews the research on sexual harassment in academia and details how system-wide changes in higher education can be implemented to prevent and address sexual harassment in education and research settings.” — Frazier Benya, Study Officer

Sexual Harassment of Women: Climate, Culture, and Consequences in Academic Sciences, Engineering, and Medicine

Over the last few decades, research, activity, and funding has been devoted to improving the recruitment, retention, and advancement of women in the fields of science, engineering, and medicine. In recent years the diversity of those participating in these fields, particularly the participation …

[more]

Take 5: Top Books for Computer Scientists

Got scientists and engineers on your holiday shopping list? Take five and check out our top gift ideas. NAP books and merchandise make thoughtful gifts for thinking people.

The Future of Computing Performance

The Future of Computing Performance: Game Over or Next Level?

The end of dramatic exponential growth in single-processor performance marks the end of the dominance of the single microprocessor in computing. The era of sequential computing must give way to a new era in which parallelism is at the forefront. Although…
Details

Biometric Recognition

Biometric Recognition: Challenges and Opportunities

Biometric recognition–the automated recognition of individuals based on their behavioral and biological characteristic–is promoted as a way to help identify terrorists, provide better control of access to physical facilities and financial accounts, and…
Details

Toward a Safer and More Secure Cyberspace

Toward a Safer and More Secure Cyberspace

Given the growing importance of cyberspace to nearly all aspects of national life, a secure cyberspace is vitally important to the nation, but cyberspace is far from secure today. The United States faces the real risk that adversaries will exploit…
Details

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

Technology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities

The United States is increasingly dependent on information and information technology for both civilian and military purposes, as are many other nations.  Although there is a substantial literature on the potential impact of a cyberattack on the societal…
Details

Proceedings of a Workshop on Deterring Cyberattacks

Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy

In a world of increasing dependence on information technology, the prevention of cyberattacks on a nation’s important computer and communications systems and networks is a problem that looms large. Given the demonstrated limitations of passive cybersecurity…
Details