Announcement / October 2018

Melissa Griffith and Vy-An Phan Chosen to Represent CLTC as 2019 RSAC Security Scholars

The UC Berkeley Center for Long-Term Cybersecurity (CLTC) is pleased to announce that Melissa Griffith, a Ph.D. Candidate in Political Science at UC Berkeley and a CLTC grantee, and Vy-An Phan, a Graduate Student Researcher studying computer science in the Department of Electrical Engineering and Computer Sciences at UC Berkeley, have been chosen to represent CLTC as RSA Conference Security Scholars at the RSA Conference 2019, which will run from March 4–8, 2019 at the Moscone Center in San Francisco. As RSAC Security Scholars, these researchers will connect with leading experts, peers, and conference attendees to share knowledge, experience, and connections to enrich the discourse on how to stay ahead of cyber threats. We interviewed Melissa and Vy-An to learn more about their research interests and hear their thoughts about this opportunity.

Melissa Griffith

Melissa K. Griffith is a Ph.D. Candidate in Political Science at the University of California, Berkeley specializing in cybersecurity, international relations, and security studies. Griffith’s dissertation investigates how relatively small countries, with limited resources, have become significant providers of national cyber defense for their populations. Her work sheds important light on the components and dynamics of cyber power and cyber conflict, as well as the vital role that public-private cooperation and both security and economic policy play in cyber defense. Concurrent research projects on cybersecurity examine (1) industrial policy targeting the maintenance and development of domestic cybersecurity capabilities in Finland and (2) how the EU can better bolster cyber defense for its own institutions and its member states. Griffith is currently an Affiliated Researcher for the Center for Long-Term Cybersecurity (CLTC) and a Visiting Scholar at George Washington University’s Institute for International Science & Technology Policy (IISTP). Previously, she was a Visiting Research Fellow at the Research Institute on the Finnish Economy (ETLA) in Helsinki, Finland from 2017-2018 and a Visiting Researcher at the Université Libre de Bruxelles (ULB) in Brussels, Belgium in Fall 2017. Griffith holds a B.A. in International Relations from Agnes Scott College (2011) and a M.A. in Political Science from the University of California, Berkeley (2014).

Why did you apply to be an RSAC Scholar?
I believe that political scientists must continue to bridge the gap between academic research and practitioners in this space. While my research seeks to make both theoretical and empirical contributions to my own academic discipline’s understanding of conflict, national defense, and cybersecurity, cyber defense is not merely an academic endeavor. The RSAC provides an invaluable opportunity for me to learn from leading industry and policy players as well as share with them my own research and lessons learned.

What are your primary research interests?
International Relations (national cyber defense efforts and the strategic and operational dynamics of cyber conflict).

What do you think are some of the most important emerging areas in cybersecurity?
From a policy standpoint, an important area of persisting concern is the command and communication challenge in the event of a national incident. This is a question of how to effectively and efficiently communicate tasks and priorities laterally (across technical teams, operators, watch officers, etc.) but also vertically (up and down the chain of command into policy bodies) in the event of an unfolding crisis. In terms of an emerging area of focus in cybersecurity more broadly, importantly, increasing attention has been paid to building and maintaining resilient systems or sectors (maintaining the core functions of the broader system despite an attack or incident taking place) in addition to designing and maintaining the security of specific devices or networks.

What are you most looking forward to about the RSA Conference? 
I look forward to learning about the perceived future challenges of the emerging cybersecurity landscape from fellow scholars and leading industry and policy players.

Vy-An Phan

Vy-An Phan is a first-year graduate student studying computer science at UC Berkeley. She has worked with the Qualcomm Cryptographic Operations Group as an intern, and is currently working with Professor Doug Tygar on usable and efficient secure data retrieval and exchange. In her spare time she works as a test writer and supervisor for Science Olympiad and other high school competitions. She enjoys cooking, social deduction board games, and watching BBC panel shows and nature documentaries. After finishing graduate school, she hopes to be a full-time cybersecurity researcher, as well as ride the tallest and fastest roller coasters at every major theme park.

Why did you apply to be an RSAC Scholar?
I applied because I thought it was a good opportunity to meet knowledgeable and like-minded people, and learn new things about not only my current area of research but new advancements in cybersecurity in general.

What are your primary research interests?
Currently, I’m working on secure data accesses and communication. This includes fast and private information retrieval, which can hopefully be applied to our current public key infrastructure and certificate transparency architecture.

What do you think are some of the most important emerging areas in cybersecurity?
Firstly, secure communication: our current public key infrastructure has been problematic for quite some time and has only recently seen wide-scale improvements. Apart from that, hardware security has been a major issue since Spectre and Meltdown were announced, so I think there will definitely be a lot of work to be done in secure hardware design as well as other mitigations like enclaves and sandboxing. There is also a lot of work to be done in machine learning in regard to both robustness against adversarial inputs, training data security, and input data security. So far there have been many promising proposed solutions to these problems, but none of them is entirely perfect yet.

What are you most looking forward to about the RSA Conference? 
I’m extremely excited to talk to everyone and learn about realistic plans to apply all this new research to general use.