2022年7月,警务文职秘书处代理警务秘书发布了《关键基础设施保护条例》,并邀请公众发表评论。以下链接的提交文件由非洲信息通信技术研究所高级研究助理Scott Timcke博士撰写,重点关注与人工智能风险和网络安全相关的问题。《条例》的许多部分设计良好;RIA提出了两个可以进一步发展的主要领域。首先,可以修改《条例》,以包括定期固定的时间框架,向特定的议会联合委员会、常务委员会和投资组合委员会提交书面报告。这些报告可以加强对有效民主至关重要的制衡。其次,《条例》强调关键基础设施的物理安全,尽管这种理解可以将其扩展到包括网络、财政甚至环境安全因素,这些因素在我们当代同样重要
僵尸网络是感染了恶意软件的计算机网络,攻击者控制并利用它来实现恶意网络活动。决策者可以结合复杂的自适应系统视角来评估他们的组织和直接网络以及整个生态系统是否具有足够的适应性和弹性来响应僵尸网络活动。
Bank runs as a source of systemic risk are nothing new. To manage systemic risks in the age of social media, regulators may need to anticipate where the crisis will go and build in automatic brakes to slow them down. There likely won't be time to react at the speed of negotiation between regulators and bankers.
The Federal Emergency Management Agency (FEMA) operates multiple hazard mitigation assistance (HMA) grant programs as a way to promote a national culture of preparedness and public safety, mitigate the consequences that disasters have for communities and infrastructure, and reduce future draws on the Disaster Relief Fund. The Robert T. Stafford Disaster Relief and Emergency Assistance Act requires FEMA to ensure that these mitigation activities are cost-effective. To determine cost-effectiveness, FEMA currently requires any project seeking HMA grants to include a benefit–cost analysis (BCA), implemented in accordance with Office of Management and Budget Circular A-94. Applicants for mitigation grants have provided extensive feedback that the BCA process is cumbersome and that finding the right data to include in the calculations of costs and benefits is difficult. FEMA is concerned that the administrative burdens and the costs of application processes could discourage subapplicants with fewer resources from applying or place them at a disadvantage in developing quality applications. Furthermore, two 2021 executive orders direct federal agencies to achieve greater equity and fairness in allocating federal resources. Two HMA grant programs have been selected as pilot programs for the corresponding federalwide Justice40 Initiative. The authors found that FEMA's dual goals of equity and simplicity occasionally compete, that FEMA has the authority to implement recommended changes, and that FEMA's approach to BCA differs from those of other federal entities. The authors identify nine changes that FEMA could implement to address the inequities introduced by the use of BCA in the HMA grant process.
Millions of Americans woke up Wednesday morning to find out they weren't going anywhere. Around 6:30 a.m., the Federal Aviation Administration (FAA) announced that its Notice to Air Missions (NOTAM) system had failed. By 9 a.m. the ground stop was lifted, but the damage was already done. Thousands of flights were It appears that the NOTAM outage was the result of a system failure, but the nation's critical infrastructure faces a range of threats—everything from Russian hackers, to weather events, to angry individuals with guns. So, the failure and subsequent air travel chaos brought on by this latest cyber failure could serve as a real-life demonstration of what might happen if risks to critical infrastructure systems are left unaddressed. It is too early to know the exact causes and consequences of the NOTAM failure, but two things are clear: It was bad, and it could have been worse.
如果太空大国之间没有进一步的合作和协议,最终可能会建立多种相互竞争的治理体系,从而进一步增加冲突的可能性。现在是解决这个问题的时候了,这样深空资源的利用就有助于地球和整个太阳系的繁荣、安全和自由。
2017年9月,波多黎各遭受两次大型飓风“伊尔玛”和“玛丽亚”袭击,加剧了波多黎各卫生和社会服务基础设施的现有挑战。事后,波多黎各政府制定了一项长期恢复计划,该计划建立在对飓风造成的损失和波多黎各各地持续需求进行循证评估的基础上。恢复计划的制定得到了联邦紧急事务管理局、其他联邦机构、地方利益攸关方、,以及兰德公司根据与美国国土安全部签订的合同运营的国土安全运营分析中心(HSOAC)的分析 ,HSOAC的研究为恢复计划中针对卫生和社会服务部门的31个行动方案奠定了基础。这些行动是社会、政府、财政和经济政策与改革的结合。这一系列行动为建立更具弹性的卫生和社会服务基础设施以及区域卫生保健网络提供了机会,以确保可靠地获得服务,促进健康和福祉,并更有效地应对公共卫生危机和未来的灾难。这些行动涉及医疗保健、公共卫生和应急准备、环境卫生、心理和行为健康以及社会服务等领域 损失和需求评估以及行动方案涵盖四个主要主题:建设系统在灾害期间和日常时间作出反应的能力;加强卫生和社会服务工作人员队伍;加强对贫困人口的支助服务;以及建立促进健康的社区
美国依靠许多基础设施系统——道路、电网、港口、电信网络、炼油厂等——来履行基本的社会和经济功能。这些系统的破坏可能会造成潜在的重大经济、社会、环境和国家安全后果 ,本报告是用于分析国家基础设施遭受自然灾害风险的数据、方法和分析方法的技术文件和参考文件。该分析包括11个自然灾害和5个基础设施部门。从该数据分析中得出的关于美国基础设施当前和未来暴露的分析结果记录在另一份报告中。该报告记录了每种基础设施类型和危害如何在数据集中表示,以作为数据使用的参考。对于每个分析的危害,本报告包括一个简要的背景,描述潜在的基础设施影响和相关指标;用于汇编危险数据的来源清单;用于分析区域暴露于不同危险严重程度的现有方法、应用或修改的概述。在使用这些数据分析基础设施风险敞口时,重要的是要了解这些信息,以确保分析结果反映数据的范围、准确性和完整性。未能适当使用数据可能会导致分析歪曲风险敞口 ,该报告还概述了用于完成该分析的所有危险和基础设施数据。从该数据分析中得出的关于美国基础设施当前和未来暴露的分析结果记录在另一份报告中
加密数据编程计算(PROCEED)是美国国防高级研究计划局的一个项目,其主要目的是提高算法的效率,使人们能够对加密数据进行计算,而不必解密数据本身。兰德公司被要求评估PROCEED是否可能为美国提供比其全球竞争对手更多的利益。PROCEED扩大了全球密码界的知识库。研究团队的评估重点是PROCEED技术可以被采用的程度、在什么情况下以及用于什么目的。然后,该团队使用生成的分析框架来理解技术吸收决策,以此确定这些因素在俄罗斯和中国相对于美国(以及与美国相似的国家)的作用 ,对俄罗斯和中国有关数据加密、信息安全和数据保护的在线搜索信息的分析得出结论,如果政府批准PROCEED技术,它们在中国的传播将比在俄罗斯更快。在面临与使用PROCEED技术相关的处理处罚时,是否会采用这些技术目前很难确定。如果采用PROCEED,它在美国(以及类似的发达国家)的采用速度可能比在俄罗斯和中国更快,这在很大程度上是因为PROCEED与美国的政治文化相兼容,而在较小程度上是由于它更符合美国的商业环境