Job Announcement / March 2023

Graduate Student Researcher: Cyber Risk Metrics Development for Board of Directors

Job Description:

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) is seeking a Graduate Student Researcher (GSR) to assist with the identification and classification of cybersecurity metrics in current academic literature and periodic company reports. The GSR will subsequently draft a white paper on cyber risk metrics for boards of directors based on the research findings.

The project objective is to develop a systematic overview of the most influential articles and methodologies used in the accounting, information systems, security, law, and governance literature to meet the Securities and Exchange Commission (SEC) and European Securities and Monetary Authority (ESMA) exigences on cyber risk indicators. The findings will then be compared to the current usage of these indicators in the periodic reports of S&P 500 companies.

The Graduate Student Researcher will work together with Prof. Laura Schaffner and join ongoing research at CLTC by using a Systematic Literature and Network Analysis (SLNA) methodology, which is based on data gathered from a citation database of choice, such as Web of Science, Google Scholar or Scopus, as well as the latest periodic reports available of S&P 500 companies.

The product’s methodology includes the following two steps: 

  1. SLR – Systematic Literature Review: the first phase consists of determining the scope and limitations of the existing literature, as well as choosing, analyzing, and isolating the most relevant articles for the reasons indicated. 
  2. BNA – Bibliographic Network Analysis: the second phase includes:
    1. CNA – Citation Network Analysis: groups the articles into clusters based on their content, highlighting the ones that have had the most impact on the study field’s progress. The citation flows resulting from the CNA are then partitioned into “paths” (Strozzi et al., 2017), among which the primary or “main” path is determined, based on the assumption that research works in the same area will cite one another. 
    2. CSA – Citation Score Analysis: detects significant papers that have received a big number of citations throughout time but are not in the above-mentioned citation network, and it can be global (GCSA), global-local (GLCSA) or based on computed indexes; 
    3. KNA – Keyword Network Analysis: gives evidence with regard to prospective patterns and trends in the study field under examination based on the detection of co-occurrences among author chosen keywords, possibly representing, as a consequence, an adequate proxy of the underlying research topics (Ding, Chowdhury & Foo, 2001; Minutiello & Tettamanzi, 2021). 

The following five data science tools and techniques will be used to conduct the SLNA: 

  • VOSviewer: preliminary test for network visualization and co-occurrence keyword network analysis. 
  • Pajek: social network analysis on many citation networks in order to determine the primary or ‘main’ research path(s); 
  • Sci2 Tool: temporal, geographic, topical, and network analysis; 
  • GIMP: display of before-mentioned findings;
  • Scopus analytics: confirm, integrate, or refute results obtained using the tools listed above. 

Upon completion of the project, the results will be integrated into a formal model and will be tested in a practice environment applying a Delphi method using interviews and dialogues with non-executive board members. For performing this second phase, the contract may be prolonged for 10 more weeks.

This GSR appointment is at 20% (8 hours/week) and does not include fee remission. The student must be available to meet in-person on campus twice a week throughout the semester. 


Spring Term 2023 (immediately – May 12, 2023, with a possible extension through August depending on the results from this initial phase of the project)

Required Qualifications:

  • Actively enrolled in a graduate-level degree program at UC Berkeley
  • Interest in performing analysis in the fields of cyber risks/security, accounting and disclosure, and AI
  • Ability to synthesize and paraphrase longer texts very (!) concisely
  • Excellent English writing skills

Preferred Qualifications:

  • Background in cybersecurity, public policy, data science, and/or accounting
  • Enjoy to explore/extant knowledge pertinent to the mentioned topic at higher/ academic/ research level
  • Proficiency in some or all of the following tools: (1) VOSviewer (2) GIMP (3) Pajek (4) Sci2 Tool, and (5) Excel. 


Laura G. Schaffner


Information on GSR salary scales can be found here. The step level for this appointment will be commensurate with experience.


Please prepare a resume and a brief cover note (~250 words) describing your interest in the position and any relevant experience, particularly as it relates to the required and preferred qualifications above. Submit your application using this form.


First review date: March 20, 2023 at 11:59 PM PT

Second Review Date: March 27, 2023 at 11:59 PM PT

Questions: Please email with any questions.