June 23, 2020

“A New Era for Credit Scoring: Financial Inclusion, Data Security, and Privacy Protection in the Age of Digital Lending”

The Center for Long-Term Cybersecurity (CLTC) has published a new report, A New Era for Credit Scoring: Financial Inclusion, Data Security, and Privacy Protection in the Age of Digital Lending, that examines the trade-offs associated with digital lending platforms in India. By providing small loans to consumers through their mobile phones, lending apps have broadened access to credit for low-income borrowers. But they have also introduced new threats to fairness, privacy, and digital security, as lenders use an array of personal data — including age, location, and even personal contacts — to gauge an individual’s willingness and ability to pay.

June 3, 2020

New Report: Digital Safety Technical Assistance at Scale

“Digital Safety Technical Assistance at Scale,” a report by Sean Brooks, Director of the Center for Long-Term Cybersecurity’s Citizen Clinic program, explores the opportunities and challenges of expanding the digital safety technical assistance resources available to civil society organizations. The report draws in part upon lessons learned from the first two years of operating Citizen Clinic, a first-of-its-kind program that engages interdisciplinary teams of UC Berkeley students to provide digital safety services to politically targeted civil society organizations.

May 5, 2020

Decision Points in AI Governance

“Decision Points in AI Governance” takes an in-depth look at recent efforts to translate artificial intelligence (AI) principles into practice. Authored by CLTC Research Fellow and AI Security Initiative (AISI) Program Lead Jessica Cussins Newman, the report provides an overview of 35 efforts already under way to implement AI principles, and highlights three recent efforts as case studies.

March 18, 2020

Looking Over the Horizon: A Report on Five Years of Growth and Impact at CLTC

  To mark our five-year anniversary, the Center for Long-Term Cybersecurity (CLTC) has produced a new report looking back on what we’ve achieved so far — and where we’re going. “Five years ago, we launched CLTC with a mission to look over the horizon,” wrote Steve Weber and Ann Cleaveland,…

February 5, 2020

“What, So What, Now What?”: Adversarial Machine Learning

  CLTC has launched a new series of “explainer videos” to break down complex cybersecurity-related topics for a lay audience. The first of these videos focuses on “adversarial machine learning,” when AI systems can be deceived (by attackers or “adversaries”) into making incorrect assessments. An adversarial attack might entail presenting…

February 5, 2020

Post-Mortem 2020: Looking Back on CLTC’s Scenarios from 2020

In 2015, CLTC developed a set of scenarios depicting various “cybersecurity futures” for the year 2020. As the year 2020 has arrived, Professor Steve Weber, Faculty Director for CLTC, wrote a post on the CLTC Bulletin assessing those scenarios, including what we foresaw — and what we didn’t.

February 5, 2020

Internet Fragmentation Index

To what extent is the internet “splintering” across national borders? That hotly debated question is at the center of a new research initiative from the Daylight Security Research Lab. The “Internet Fragmentation Index” is a first-of-its kind analysis of how different countries’ internets are (or are not) similar.

January 15, 2020

Resilient Governance for Boards of Directors: Considerations for Effective Oversight of Cyber Risk

This report by the Center for Long-Term Cybersecurity and Booz Allen Hamilton uses insights gleaned from board members with 130+ years of board service across nine industry sectors to offer guidance for boards of directors in managing cybersecurity within large global companies. The report, “Resilient Governance for Boards of Directors: Considerations for Effective Oversight of Cyber Risk,” provides an innovative framework to help boards take a dynamic approach to cybersecurity governance and oversight. The report identifies four “dynamic tensions” likely to shape board governance and oversight of cybersecurity. This includes an organization’s overall risk model or mindset; distribution of cybersecurity expertise on the board; balance between cooperation and competition with other enterprises; and the model for information flows between management and the board.

December 17, 2019

A Public, Private War: How the U.S. Government and U.S. Technology Sector Can Build Trust and Better Prepare for Conflict in the Digital Age

A new report co-published by the Center for Long-Term Cybersecurity and Technology for Global Security (Tech4GS) provides a blueprint for how the U.S. government and private-sector companies can collaborate to prepare for a cyberwar or other massive cyberattack on U.S. interests. Authored by Jonathan Reiber, former Chief Strategy Officer for Cyber Policy and speechwriter in the Office of the Secretary of Defense, “A Public, Private War: How the U.S. Government and U.S. Technology Sector Can Build Trust and Better Prepare for Conflict in the Digital Age” outlines a series of policy recommendations for both the government and companies to improve their preparedness.

December 3, 2019

“CLTC Bulletin” Live on Medium

CLTC has launched a new “publication” on Medium, the popular blogging platform. Designed to be a more informal outlet for our communications, the CLTC Bulletin features news, research and opinions from CLTC staff and researchers. Check it out at https://medium.com/cltc-bulletin.

May 21, 2019

New Report: Cyber Industrial Policy in an Era of Strategic Competition

This report, “Cyber Industrial Policy in an Era of Strategic Competition,” outlines diverse industrial policy approaches that governments can use to bolster their domestic cybersecurity and technology industries. ‘Industrial policy’ refers to non-market efforts by governments to grow sectors of the economy that are deemed to be strategically important, but that are under developed as a result of market dynamics.In their report,  the authors—Vinod K. Aggarwal, Professor of Political Science at UC Berkeley, and Andrew W. Reddie, PhD candidate—argue that cybersecurity is particularly well-suited for government intervention because cyberattacks pose a significant security and economic problem for governments and firms, but growth in the cybersecurity industry has been limited by labor shortages and other challenges.

April 15, 2019

Report: Improving Cybersecurity Awareness in Underserved Populations

“Improving Cybersecurity Awareness in Underserved Populations” highlights how ‘underserved’ residents in San Francisco—including low-income residents, seniors, and foreign language speakers—face higher-than-average risks of being victims of cyber attacks. The report was authored by Ahmad Sultan, a recent graduate of UC Berkeley’s Goldman School of Public Policy, who partnered with officials from the City and County of San Francisco to study the cybersecurity awareness of underserved citizens.

March 28, 2019

2018 CLTC Annual Report

The 2018 Annual Report highlights many of the Center for Long-Term Cybersecurity’s achievements from the year 2018, a year that saw the launch of Citizen Clinic, the world’s first public-interest cybersecurity clinic, as well as a year-long collaboration with the World Economic Forum focused on the future of cybersecurity.

February 11, 2019

Toward AI Security: Global Aspirations for a More Resilient Future

Authored by Jessica Cussins Newman, Research Fellow with the Center for Long-Term Cybersecurity (CLTC), this paper “Toward AI Security: Global Aspirations for a More Resilient Future,” introduces a new framework for global artificial intelligence (AI) security alongisde an analysis of government strategies from around the world, including the US, China, France, and India. The report highlights significant divergences between government approaches to the security implications of AI, but also identifies numerous synergies that can be leveraged to support global coordination.

February 6, 2019

Cybersecurity Futures 2025: Insights and Findings

Produced through a collaboration between the UC Berkeley Center for Long-Term Cybersecurity (CLTC), CNA’s Institute for Public Research (CNA), and the World Economic Forum’s Global Centre for Cybersecurity (C4C), this report includes a set of four scenarios depicting possible futures that could result from the rise of artificial intelligence, ubiquitous sensors, quantum computing, divergent internet regulations, and other trends. The project team convened a series of workshops in seven international cities to engage experts and decision-makers in dialogue about the challenges and opportunities the scenarios depict. The report provides an overview of key findings, as well as the full scenarios themselves.

July 24, 2018

Defending Politically Vulnerable Organizations Online

Authored by Sean Brooks, Research Fellow with the Center for Long-Term Cybersecurity (CLTC), this paper “Defending Politically Vulnerable Organizations Online,” provides an overview of cybersecurity threats to civil society organizations targeted for political purposes, and explores the ecosystem of resources available to help these organizations improve their cybersecurity. The report details how media outlets, human rights groups, NGOs, and other politically vulnerable organizations face significant cybersecurity threats—often at the hands of powerful governments— but have limited resources to protect themselves.

June 7, 2018

Privacy and the Internet of Things: Emerging Frameworks for Policy and Design

This report was published by the UC Berkeley Center for Long-Term Cybersecurity in partnership with researchers from the Internet of Things Privacy Forum. The report provides an overview of some of the key privacy issues resulting from the expansion of the IoT, as well as emerging frameworks that could help policymakers and corporate leaders reduce potential harms through regulation and product design.

April 16, 2018

Cyber Operations in Conflict: Lessons from Analytic Wargames

Authored by researchers from American University and published by the UC Berkeley Center for Long-Term Cybersecurity, this report details findings from a novel experiment that assessed how diverse actors—including nation-states, non-state organizations like ISIS, cyber-activist groups such as Wikileaks, and other groups—are likely to use cyber operations in the context of an escalating conflict.