How can the United States protect cyberspace, the "control system of our country," without restricting the open "flow of information on the Internet"? What should countries consider when developing international cybersecurity standards and protocol? What should their citizens know to protect their information and their rights? Cybersecurity Policy Research Links provide news, background information, legislation, analysis, and international efforts to protect government and the public's information.
The U.S. government's effort to persuade other countries to adopt norms of responsibility for cyberspace faces a significant obstacle: computers located in the United States host much of the malicious software used to carry out cyberattacks. Robert K. Knake explains.
The Islamic State, or ISIS, is the first terrorist group to hold both physical and digital territory: in addition to the swaths of land it controls in Iraq and Syria, it dominates pockets of the Internet with relative impunity. But it will hardly be the last. Although there are still some fringe terrorist groups in the western Sahel or other rural areas that do not supplement their violence digitally, it is only a matter of time before they also go online.
Recent terrorist attacks and resulting questions about the limits of surveillance have rekindled debate about how governments should deal with the challenges of powerful, commercially available encryption. With active debate in the United States and Western Europe surrounding this issue, it is instructive to note that Israel has been regulating encryption for decades.
Beginning with the Stuxnet virus launched by the United States at an Iranian nuclear facility in 2010 and continuing through to the most recent Sony hacking scandal, A Hacked World Order exposes how the Internet has ushered in a new era of geopolitical maneuvering and reveals the tremendous and terrifying implications for our economic livelihood, security, and personal identity.
Policymakers around the world are increasingly concerned about the security of information and communications technology (ICT) supply chains. Danielle Kriz explains how the U.S. government can defend its ICT supply chains against counterfeit products, malicious code, and cyberattacks.
This bill would require websites and technology firms to share user information with the government if the government wants the information to response to a cyber threat. Critics of the bill say it is similar to Cyber Intelligence Sharing and Protection Act (CISPA), which did not pass the Senate two years ago.
With over 40 percent of the world's population now online, the Internet has revolutionized the way the world communicates. But with fast evolving technology, a proliferation of actors with access to the Internet, and an absence of international consensus on what should be permissible, the gap between existing world arrangements and the challenges posed by the Internet is in fact widening.
With the U.S. government still dealing with the fallout from the cyber theft of over twenty million personnel records in 2014—one of the largest data breaches in history—a new book from Council on Foreign Relations Senior Fellow Micah Zenkoreveals how red teams might have helped avoid such adisaster.
As offensive cyber activity becomes more prevalent, policymakers will be challenged to develop proportionate responses to disruptive or destructive attacks. Tobias Feakin outlines the variables that each state should consider in determining the appropriate response to a state-sponsored cyber incident.
Hackers are often mistakenly portrayed in popular culture as inarticulate geeks donning hoodies or ninja suits. However, the opposite is true, and policymakers in Washington could benefit from a deeper understanding of who hackers are and what they have to offer.
Learn more about CFR’s mission and its work over the past year in the 2016 Annual Report. The Annual Report spotlights new initiatives, high-profile events, and authoritative scholarship from CFR experts, and includes a message from CFR President Richard N. Haass. Read and download »