Policy Papers

Internet Security Governance covers the policy challenges that arise from building and governing security in the Internet’s architecture and key protocols. It is not a description of security for computers and networks (Information Assurance), how to manage the negotiated structure and key functions of the Internet (Internet Governance), or the pursuit of criminal groups and other threat actors (Cyber Crime). Internet Security Governance is the discussion of defensively oriented technical and legal topics that cross national boundaries and/or involve security of the underlying protocols and hardware which make up the Internet...

On July 7, the American Foreign Policy Council (AFPC) held the fourth installment of its Defense Technology Program’s Understanding Cybersecurity lunch briefing series for Congressional Staffers. This event, entitled, “How the Caliphate is Communicating:” Understanding and Countering the Islamic State’s Messaging outlined how and why the Islamic State has been winning the “war of ideas” through the use of social media, and how the group is using social media to further its operations...

Cyber crime covers a wide range of activities that includes theft, fraud and harassment; stealing valuable intellectual property as part of industrial espionage; committing financial fraud and credit card theft; and disrupting internet services for ideological goals (“hacktivism”). The crimes target both firms and consumers, and while they rarely result in physical harm or property damage, there can still be severe consequences...

Is the Islamic Republic of Iran a country or a cause? For decades, the question is one that has bedeviled Western observers. Foreign politicians and diplomats long have struggled to reconcile the Iranian regime’s radical rhetoric and destructive international behavior with its pragmatic participation in numerous treaty arrangements, and its prominent role in various multilateral forums.

Information Assurance is the art and science of securing computer systems and networks against efforts by third parties to disable, intrude, or otherwise impede operations. It is the focus of most “cybersecurity” professionals in the technical community. The principal goals are to maintain an information system’s Confidentiality (the secrecy of information as it is used and stored), Integrity, reliability of data and equipment, and Availability, that a computer system is ready and able to function as needed. Information Assurance includes writing secure software, deploying it safely, and managing it to minimize the risk of compromise.