more persistent mechanism for providing ongoing IT expertise and assistance to emergency-response agencies.

LONG-TERM RECOMMENDATIONS: INVESTING IN IT RESEARCH

The three areas of IT research described below have significant promise in helping to reduce the likelihood or impact of a terrorist attack:

  1. Information and network security. Research in information and network security is critically relevant to the nation’s counterterrorism efforts for several reasons.14 First, IT attacks can amplify the impact of physical attacks and lessen the effectiveness of emergency responses; reducing such vulnerabilities will require major advances in information and network security. Second, the increasing levels of damage caused by cybercrime and the tendency to rely on the Internet as the primary networking entity both suggest that the likelihood of severe damage through a cyberattack is increasing. Finally, the evolution of the Internet demonstrates increasing homogeneity in hardware and software, which makes it more vulnerable at the same time that it becomes more critical. To address these problems, more researchers and trained professionals focused on information and network security will be needed. Unfortunately, there are currently fewer researchers in these fields than there were a decade ago.15

  2. New IT for emergency response. C3I (command, control, communications, and information) systems are critical to emergency responders for coordinating their efforts and increasing the promptness and effectiveness of response, i.e., saving lives, treating the injured, and protecting property. The issues raised by C3I for emergency response for terrorist disasters differ from those for natural disasters for several reasons. First, the number of responding agencies, including those from the local, regional, state, and federal levels—with possibly conflicting and overlapping areas of responsibility—increases the level of complexity. Second, there is a need to support immediate rescue and medical operations while also securing the site against further attack. Third, the different agencies—such as rescue, law enforcement, intelligence, and security—often have conflicting needs. For example, security issues distinguish terrorist attacks from natural disasters: In the former, security against further attack is essential and must be provided, but security also generally interferes with immediate operations.

  3. New IT for detection, prevention, remediation, and attribution of attacks. Information fusion promises to play a central role in countering future terrorist

14  

CSTB (1990, 1999b, 2001a).

15  

“Boehlert Gives Cyber Security Address at ITAA Forum,” December 12, 2001. Available online at <http://www.house.gov/boehlert/itaaspeech1212.htm>.



The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement