兰德公司对网络空间安全防御的建议

The RAND’s Advices on Cybersecurity Defense

网络空间安全当前受到世界各国政府、学术界、企业等的广泛关注。美国国土安全部在2011年发布报告《安全网络的未来蓝图》,定义了能够加强国家网络安全的包括25个关键策略在内的75个策略。兰德公司对该报告提出的策略及这些策略的作用等进行了调研,分析了DHS蓝图的不足,提出用于评估网络安全防御行为的方法,形成报告《网络空间安全规划与预算架构》。该报告采用旭日图的形式表示了网络安全主要目标、支撑该目标的四个策略,以及支撑策略的各级具体策略和活动。本文将对兰德公司的研究结果进行简要介绍。

Cybersecurity is currently receiving widespread attention from governments, academia, and enterprises around the world. The US Department of Homeland Security issued the Blueprint for a Secure Cyber Future in 2011, which defines 75 strategies that can strengthen national cybersecurity, 25 of which are key strategies. The Rand Corporation conducted research on the strategies proposed by the report and the effect of these strategies, analyzed the shortcomings of the DHS blueprint, proposed a method for assessing network security defense behaviors and produced a report A Framework for Programming and Budgeting for Cybersecurity. The report uses the sunburst to represent the main goals of cybersecurity, the four strategies that support the goals, and the specific strategies and activities. This paper will give a brief introduction to the research results of RAND.