Research Library

Cyber Resilience and Social Equity: Twin Pillars of a Sustainable Energy Future

By: Emma Stewart, Remy Stolworthy, Virginia Wright

A report published by the Center for Long-Term Cybersecurity, Cyber Resilience and Social Equity: Twin Pillars of a Sustainable Energy Future, examines the importance of cybersecurity in ensuring equitable access to energy. In an era of worsening cybersecurity threats, the paper advocates for “sustainable energy delivery systems that ensure robust defenses without compromising the goals of reducing energy poverty and ensuring energy security.”

Enhancing Cybersecurity Resilience for Transnational Dissidents

A report published by the Center for Long-Term Cybersecurity, Enhancing Cybersecurity Resilience for Transnational Dissidents, examines the cybersecurity posture, vulnerability, and resilience of exiled women dissidents in the…

A Swarm Intelligence Approach to Prioritizing the CIS Controls V8.0 Implementation

By: Hayat Abdulla Asad Cue, Thirimachos Bourlai, Mark Lupo

Authored by researchers affiliated with CyberArch, a cybersecurity clinic at the University of Georgia’s Carl Vinson Institute of Government (CVIOG), this paper introduces a novel approach for ranking actions outlined in the Center for Internet Security (CIS) framework, a prioritized set of safeguards to help organizations mitigate common cyber attacks.

Improving the Explainability of Artificial Intelligence: The Promises and Limitations of Counterfactual Explanations

By: Alexander Asemota, Improving the Explainability of Artificial Intelligence: The Promises and Limitations of Counterfactual Explanations

A new white paper from the Center for Long-Term Cybersecurity explores diverse approach to explainable artificial intelligence (xAI), focusing on counterfactual explanations, or CTEs. The paper, “Improving the Explainability of Artificial Intelligence: The Promises and Limitations of Counterfactual Explanations,” was authored by Alexander Asemota, a 2023-2024 AI Policy Hub Fellow.

Benchmark Early and Red Team Often: A Framework for Assessing and Managing Dual-Use Hazards of AI Foundation Models

By: Anthony Barrett, Krystal Jackson, Jessica Newman, Nada Madkour, Evan R. Murphy, Benchmark Early and Red Team Often: A Framework for Assessing and Managing Dual-Use Hazards of AI Foundation Models

Authored by Anthony M. Barrett, Krystal Jackson, Evan R. Murphy, Nada Madkour, and Jessica Newman, this report assesses two methods for evaluating the “dual-use” hazards of AI foundation models, which include large language models (LLMs) such as GPT-4, Gemini, Claude 3, Llama 3, and other general purpose AI systems.

The Transaction Costs of Municipal Cyber Risk Management

By: Rowland Herbert-Faulkner

This white paper, The Transaction Costs of Municipal Cyber Risk Management, brings to light the transaction costs associated with municipal cyber risk management, including the costs of searching for information, coordination between parties, drawing up and enforcing contracts, negotiation, inventory and monitoring, and compliance and enforcement. The paper was authored by by Rowland Herbert-Faulkner, a PhD Candidate in the Department of City and Regional Planning at UC Berkeley whose dissertation research focuses on technology governance at the municipal and regional scales.

CLTC 2023 Annual Report

Click below for an overview of highlights from the UC Berkeley Center for Long-Term Cybersecurity’s activities in 2023. Download a PDF version of the 2023 Annual Report:

BreachProphet

By: Ravi Patnala, Mayank Saxena, Meenakshi Sriraman, Jenny Yao, Francisco Laplace

Problem Statement Companies face a constant threat from both internal and external security attacks and incidents. Immediately assessing or predicting cyber risk to the business (products and services)…

LLM-Powered Spear Phishing Detection Solution

By: Caleb Albornoz, Jeff Chang, Gus Maldonado, Charlie Zhang

Problem Statement “Imagine a bustling city street, alive with people going about their daily life. In this action-packed environment, a skilled pickpocket moves with stealth, blending anonymously and…

Representing Privacy Legislation as Business Risks

By: Andrew Chong, Richmond Wong

For this CLTC white paper, researchers Richmond Wong and Andrew Chong used Form 10-K documents — annual regulatory reports for investors that publicly traded companies must file with the U.S. Securities and Exchange Commission (SEC) — to analyze how nine major technology companies assess and integrate the business risks of privacy regulation like the EU’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA).