As online shopping and personalized digital experiences become commonplace, so, unfortunately, do data breaches and the exploiting of stolen information. According to a recent Pew study, a majority of Americans say they have been personally affected by data theft.
The impact of cybercrime extends beyond the personal: it’s a growing issue for governments and companies tasked with ensuring critical infrastructures are secure. How can energy grids be protected from attacks such as the 2015 cyberassault that left nearly a quarter-million Ukrainians in the dark? What happens when a company’s data are held for ransom? The answers will require more than technical savvy. Coordination between public and private sectors is necessary to develop effective digital and cybersecurity policies.
With these challenges in mind, MIT’s Internet Policy Research Initiative (IPRI) awarded $1.5 million in grants last spring to five research projects at the intersection of internet policy and cybersecurity. According to IPRI founder Daniel Weitzner, “Each project is aimed to support innovative research in [the recipients’] respective fields and result in new insights that can guide policy makers in making wise choices on pressing internet policy challenges.” As these examples show, technology and policy are intertwined in both the problems and the solutions.
Cybersecurity Impacts on International Trade
Principal investigators: Simon Johnson PhD ’89, the Ronald A. Kurtz Professor of Entrepreneurship and Professor of Global Economics and Management; and Stuart Madnick ’66, SM ’69, PhD ’72, the John Norris Maguire Professor of Information Technologies and Professor of Engineering Systems
Internet-enabled products—TVs, smartphones, medical devices, even toys—present unique challenges for global security and international trade policies. Johnson and Madnick—the latter directs the Cybersecurity at MIT Sloan initiative (formerly (IC) 3 )—are examining how governments should deal with the import of items that could be used for malicious purposes, such as spying on citizens. Among their research goals: developing methods to weigh the risks of such imports, exploring the long-term impacts on trade, and developing a framework to guide policy makers as they construct agreements with foreign governments.
Using AI Planning Techniques to Analyze Urban Critical Infrastructure Vulnerabilities
Principal investigator: Howard Shrobe SM ’75, PhD ’78, Principal Research Scientist, CSAIL
From water supplies to transportation networks, urban infrastructure is increasingly reliant on computerized industrial control systems. How can these essential systems be safeguarded against malicious attacks? Shrobe, who directs MIT’s CyberSecurity@CSAIL initiative, is developing a method to automatically detect system vulnerabilities and to generate potential countermeasures that could be integrated with local policy to protect smart cities. A big-picture view will enable informed, long-term policy making, in contrast to what Shrobe calls a piecemeal “patch and pray” approach.