other instances, security issues emerged as a prominent element of a study as the study unfolded (see, for example, (5) Continued Review of the Tax Systems Modernization of the Internal Revenue Service, 1996;5 (6) Realizing the Potential of C4I, 1999;6 and (7) Embedded, Everywhere, 20017). (Hereinafter, these reports are referenced by number.)

Security issues continue to be an important part of CSTB’s portfolio, and CSTB recently held workshops that explored how to deal with the insider threat to security (2000) and various legal issues associated with protecting critical infrastructure (2001). Though the most recent of the comprehensive reports was issued 2 years ago and the earliest 11 years ago, not much has changed with respect to security as it is practiced, notwithstanding further evolution of the public policy framework and an increase in our perception of the risks involved. The unfortunate reality is that relative to the magnitude of the threat, our ability and willingness to deal with threats have, on balance, changed for the worse (6), making many of the analyses, findings, and recommendations of these reports all the more relevant, timely, and applicable today. This document presents the enduring findings and recommendations from that body of work, and it includes excerpts from three of the reports listed above.

THE NATURE OF CYBERTHREATS

Much of modern life depends on computers and computer networks. For many people, the most visible interaction they have with computers is typing at the keyboard of the computer. But computers and networks are critical for key functions such as managing and operating nuclear power plants, dams, the electric power grid, the air traffic control system, and the financial infrastructure. Computers are also instrumental in the day-to-day operations of companies, organizations, and government. Companies large and small rely on computers to manage payroll, to track inventory and sales, and to perform research and development. Distribution of food and energy from producer to retail consumer relies on computers and networks at every stage. Nearly everyone in business or government

5  

Computer Science and Telecommunications Board, National Research Council. 1996. Continued Review of the Tax Systems Modernization of the Internal Revenue Service: Final Report. National Academy Press, Washington, D.C.

6  

Computer Science and Telecommunications Board, National Research Council. 1999. Realizing the Potential of C4I: Fundamental Challenges. National Academy Press, Washington, D.C.

7  

Computer Science and Telecommunications Board, National Research Council. 2001. Embedded, Everywhere: A Research Agenda for Networked Systems of Embedded Computers. National Academy Press, Washington, D.C.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement