UC Berkeley Center for Long-Term Cybersecurity's Avatar

UC Berkeley Center for Long-Term Cybersecurity

@cltcberkeley.bsky.social

Helping society anticipate and address tomorrow's information security challenges, in order to amplify and extend the upside of the digital revolution.

544 Followers  |  86 Following  |  111 Posts  |  Joined: 19.11.2024  |  2.1354

Latest posts by cltcberkeley.bsky.social on Bluesky

An aerial photo of an intersection in a small town neighborhood.

An aerial photo of an intersection in a small town neighborhood.

How can we help the states double down on the safety net of #CyberVolunteering? @cltcberkeley.bsky.social's Grace Menna and Sarah Powazek share expertise on how coordinated action can help these programs and partnerships scale. Read their insights: www.aspendigital.org/blog/states-... #AspenCyber

08.09.2025 18:42 β€” πŸ‘ 5    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
Q3 2025 Center Stakeholders Meeting The Center held its Q3 Stakeholders Meeting on August 20th with Trustee Carolyn Dolezal and Grace Menna, Fellow at UC Berkeley’s Center for Long-Term Cybersecurity. They discussed the power of partner...

CLTC's Grace Menna recently joined the Center for Cyber Safety and Education to discuss the Cyber Resilience Corps and why strong partnerships & collaboration between cyber resilience efforts is essential for building a safer digital future.

​▢️​Watch the replay: www.brighttalk.com/webcast/1992...

03.09.2025 17:05 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Cyber Resilience Corps - CLTC The Cyber Resilience Corps is mobilizing a nationwide force of cyber volunteers to defend the organizations that power our communitiesβ€”nonprofits, rural hospitals, schools, municipalities, and small b...

Learn more about the Cyber Resilience Corps: cltc.berkeley.edu/program/cybe...

And learn how our Cyber Volunteers network is helping to seal the leak: www.cybervolunteers.us/en

#CyberCivilDefense #Take9

02.09.2025 16:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

πŸ’§The EPA's $9M grant to protect water from cyber threats leaves out the small and rural water systems who need the most support.

That's where the Cyber Resilience Corps & DEF CON Franklin step in. Because cybersecurity isn’t just for big players and water is for everyone. Every tap matters. ​⬇️​

02.09.2025 16:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Public Interest Cybersecurity at DEF CON and BSides Las Vegas - CLTC UC Berkeley Center for Long-Term Cybersecurity This August, the CLTC Public Interest Cybersecurity team was out in full force attending β€œhacker summer camp”, a nickname for a collection of cybersecurity and hacking conferences held…

Did you miss DEF CON or BSidesLV? Check out our recap blog w/ highlights from CLTC's Public Interest Cyber team!

The team showcased the Cyber Resilience Corps, a nationwide initiative mobilizing cyber volunteers to protect community orgs from cyber threats.

cltc.berkeley.edu/2025/08/27/p...

27.08.2025 17:32 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
An aerial photo of an intersection in a small town neighborhood.

An aerial photo of an intersection in a small town neighborhood.

The states are leading expansion of #CyberVolunteering. How can we help them double down on this cyber safety net? @cltcberkeley.bsky.social's Grace Menna and @powa-sec.bsky.social share their expertise on what's needed most. Read their insights: www.aspendigital.org/blog/states-... #AspenCyberβ€ͺ

25.08.2025 17:43 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
Preview
States Are Leading on Cyber Volunteering States and communities are leading on expanding cyber volunteering programs, but we can do more to support this burgeoning cyber safety net.

πŸ›‘ Stop talking about states like they are helpless with cybersecurity.

State govts are already taking the lead w/ innovative cyber volunteering programs. Read more in our piece for @aspendigital.bsky.social @cltcberkeley.bsky.social #Take9 #CyberCivilDefense
www.aspendigital.org/blog/states-...

20.08.2025 18:08 β€” πŸ‘ 2    πŸ” 3    πŸ’¬ 1    πŸ“Œ 0
DEF CON Franklin

Our friends @projectfranklin.bsky.social announced the next phase of cyber services for small and rural U.S. water utilities. Franklin is deploying free tools to secure our water - all powered by a scalable, volunteer-driven model.

#CyberCivilDefense

Read more: defconfranklin.com/water_cybers...

11.08.2025 20:28 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
The Roadmap to Community Cyber Defense: A Path Forward from the Cyber Resilience Corps - CLTC Community organizations β€”Β including nonprofits, hospitals, schools, local utilities, city governments, and small businesses β€” deliver vital services to the public, but they are often the least prepare...

Learn more about the β€œThe Roadmap to Community Cyber Defense: A Path Forward from the Cyber Resilience Corps” πŸ—ΊοΈβ€‹ cltc.berkeley.edu/publication/...

08.08.2025 14:41 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Chasing Silicon shadows. Two Chinese nationals are arrested for allegedly exporting sensitive Nvidia AI chips. A critical security flaw has been discovered in Microsoft’s new NLWeb protocol. Vulnerabilities in Dell laptop firmware could let attackers bypass Windows logins and install malware. Trend Micro warns of an actively exploited remote code execution flaw in its endpoint security platform. Google confirms a data breach involving one of its Salesforce databases. A lack of MFA leaves a Canadian city on the hook for ransomware recovery costs. Nvidia’s CSO denies the need for backdoors or kill switches in the company’s GPUs. CISA flags multiple critical vulnerabilities in Tigo Energy’s Cloud Connect Advanced (CCA) platform. DHS grants funding cuts off the MS-ISAC. Helicopter parenting officially hits the footwear aisle.

CLTC's @powa-sec.bsky.social was the latest guest on CyberWire, where she discussed the Cyber Resilience Corps' proposed nationwide roadmap to scale cyber defense for community organizations.

πŸŽ§β€‹ Listen to the episode: thecyberwire.com/podcasts/dai...

#CyberCivilDefense #Take9

08.08.2025 14:41 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
Post image

Please join us for the inaugural Cyber Volunteering Day: an interactive, pragmatic convening for boots-on-the-ground cyber defenders to share best practices and expand services for community infrastructure.

βœ…β€‹ Space is limited β€” save your spot today!
www.eventbrite.com/e/cyber-volu...

06.08.2025 17:59 β€” πŸ‘ 3    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Federal AI Plan Targets β€˜Burdensome’ State Regulations With Congress’s outright ban on state AI laws scrapped, the White House is wielding funding cuts to strong-arm state regulators, critics say.

"By seeking to deregulate the AI market at both the federal and state levels the administration is shifting the responsibility for safety and security to the end user," said @powa-sec.bsky.social.

β€œThis strategy does not work."

Read the @wsj.com article: www.wsj.com/articles/fed...

30.07.2025 18:39 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 1

Thank you once again to all of our fantastic speakers and everyone who made this event possible, especially @craignewmark.bsky.social and Craig Newmark Philanthropies, Okta for Good, and Google. org!!

24.07.2025 13:47 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Four Key Learnings from the 2025 Cyber Civil Defense Summit - CLTC UC Berkeley Center for Long-Term Cybersecurity On June 11, 2025, CLTC hosted its third annual Cyber Civil Defense Summit at the Ronald Reagan Building and International Trade Center in Washington, D.C. This was CLTC’s…

Read the full recap to discover more key insights and quotes from our fantastic roster of Summit speakers:

cltc.berkeley.edu/2025/07/23/f...

24.07.2025 13:47 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

πŸ“’ 3) More outreach is needed to raise awareness and convey the value of free cybersecurity resources available to under-resourced public agencies.

πŸ”β€‹ 4) Private companies can play a greater role in cyber civil defense, including by embracing secure-by-design principles.

24.07.2025 13:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

πŸ€β€‹1) A β€˜one-size-fits-all’ approach to cybersecurity standards and resourcing often leaves smaller, underserved communities behind.

πŸ›οΈ 2) Cybersecurity regulation remains a rare area of bipartisan agreement within state legislatures, but funding remains the largest barrier.

(cont)

24.07.2025 13:47 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

We are capping off our #CyberCivilDefense Summit 2025 lookback with a summary blog post, "Four Key Learnings from the 2025 Cyber Civil Defense Summit," authored by CLTC's Shannon Pierson.

Here are just a handful of the numerous highlights that surfaced from throughout the day:

24.07.2025 13:47 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
Emerging Trends in State Cyber Policy During the 2025 Legislative Session | TechPolicy.Press UC Berkeley Center for Long-Term Cybersecurity's Shannon Pierson considers legislation passed in 2025 to surface the trends across states.

Read the full article to learn more about the cybersecurity solutions becoming law in 2025 as well as Pierson's predictions for what's next in state-level cybersecurity policy: www.techpolicy.press/emerging-tre...

22.07.2025 17:23 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

πŸ›οΈ 1. State government agencies were the primary focus of 2025 cybersecurity legislation.

🚌 2. K-12 cybersecurity is receiving greater legislative attention and investment.

πŸ§‘β€βš–οΈβ€‹ 3. Strengthening consumer protections is becoming a legislative priority, with some caveats.

22.07.2025 17:23 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Preview
Emerging Trends in State Cyber Policy During the 2025 Legislative Session | TechPolicy.Press UC Berkeley Center for Long-Term Cybersecurity's Shannon Pierson considers legislation passed in 2025 to surface the trends across states.

In a new piece for @techpolicypress.bsky.social, CLTC's @srpierson.bsky.social shares her analysis of state-level legislation passed in the 2025 legislative session to surface the trends taking place across U.S. states.

🧡 Three prevailing trends surfaced:

www.techpolicy.press/emerging-tre...

22.07.2025 17:23 β€” πŸ‘ 8    πŸ” 2    πŸ’¬ 1    πŸ“Œ 1
Preview
Slashing EPA funding may have downstream cybersecurity impacts on an already vulnerable water sector - CLTC America’s water and wastewater utilities rely on the Environmental Protection Agency for cybersecurity support and guidance. With the EPA’s funding on the Trump Administration’s chopping block, Americ...

πŸ’Έ Read CLTC Senior Fellow @srpierson.bsky.social's analysis, β€œSlashing EPA funding may have downstream cybersecurity impacts on an already vulnerable water sector”: cltc.berkeley.edu/publication/...

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Cybersecurity on Tap As nation-state cyberattacks increase, small and rural water utilities in the US need urgent cybersecurity assistance and scalable support.

Want to learn more?

πŸ’‘ Read Aspen Digital’s latest blog, β€œCybersecurity on Tap: Protecting Local Water Utilities from Digital Threats”:
www.aspendigital.org/blog/water-u...

16.07.2025 17:14 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

🀷 However, several panelists pointed out that many water utilities are unaware of these free resources or that some programs are tailored specifically for them. More work is needed to raise awareness and to convey the value of these free cybersecurity resources available to water systems.

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

Dragos’s Community Defense Program: www.dragos.com/community/co...

The EPA’s Water Sector Cybersecurity Evaluation Program: www.epa.gov/waterresilie...

The EPA’s Cybersecurity Technical Assistance Program: www.epa.gov/waterresilie...

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

What Can be done?

🀝Speakers spotlighted initiatives that support water systems by providing free or discounted cybersecurity services. These included:

Cybersecurity Circuit Rider Program: nrwa.org/cybersecurit...

DEF CON Franklin: defconfranklin.com

(cont.)

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

πŸ†˜ Such disruptions to the water supply can also cripple critical services since virtually every sector depends on reliable access to clean water.

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

What are the risks?

β€οΈβ€πŸ©Ή Cyber attacks on water & wastewater systems pose serious health & safety risks to consumers. Hackers may manipulate chemical dosing in treatment processes to make water unsafe to drink, or sabotage flow control equipment to cause damage to pipes & control systems.

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

⚑Volt Typhoon, a Chinese state-sponsored hacking group, continues to target US water utilities via covert living-off-the-land techniques to facilitate lateral movements to OT assets that may cause service disruptions and/or facility damage in the event of a geopolitical conflict with the US.

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

✊ Iran and Russia are increasingly using hacktivist groups as proxies to target US water and wastewater systems by providing them with resources and direction to carry out attacks while maintaining plausible deniability.

16.07.2025 17:14 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0

The conversation focused on emerging threats, the serious risks to public safety, and the urgent need to raise awareness of cybersecurity resources tailored to water utilities.

What threats are trending?

16.07.2025 17:14 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0

@cltcberkeley is following 20 prominent accounts