Inside a new initiative to lend cybersecurity volunteers to organizations that need it most – Tim Starks
– [[{“value”:”
A cybersecurity volunteering initiative is launching Tuesday in a bid to aid vulnerable organizations that have few resources — like schools and nonprofits — by leveraging potentially thousands of cyber pros who can provide free expertise.
The University of California, Berkeley’s Center for Long-Term Cybersecurity and the CyberPeace Institute are leading the project dubbed the Cyber Resilience Corps, full details of which CyberScoop is first reporting.
“At the core of this project is the idea that at-risk community organizations are really on their own regarding cyber resilience and defending themselves against basic cyberattacks like ransomware,” said Sarah Powazek, director of the center’s public interest cybersecurity program and one of the co-chairs of the project.
“There are all these very small, community-based organizations that really don’t meet the threat of a national security threat, so they really don’t get the full force of the federal government to their assistance, and they have really nowhere else to turn,” she said. “If they don’t have the money, if they don’t have the talent and resources to protect themselves, they’re out of luck.”
The initiative counts as partners a variety of organizations and people who have been participating in volunteer efforts, including the newly announced Franklin Project that came out of this year’s DEFCON cybersecurity conference; the Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative; the non-governmental organizations information sharing and analysis center, otherwise known as NGO-ISAC; the Consortium of Cybersecurity Clinics; the CyberPeace Builders; the also newly announced Undisruptable27; Ray Davidson, who was a program manager for the Michigan Cyber Civilian Corps; and Michael Razeeq, an attorney who has written on, studied and talked about cyber volunteer initiatives.
“What we’re really trying to do with this project is connect each other so that we can serve more people and more communities and serve them better,” Powazek said. “Instead of just having 10 siloed volunteering programs, we have everyone communicating, coordinating and sharing best practices.”
Backed by more than $2 million in grants from Craig Newmark Philanthropies to the center and institute leading the initiative, the groups plan to share information about volunteers on a dedicated website as one way to reach those who could benefit from their services rather than relying on word-of-mouth.
“When we first launched, we would go out to folks and say, ‘Hey, we’re a bunch of hackers trying to give you free services.’ That sounded pretty shady,” said Adrien Ogée, the institute’s chief operations officer and another co-chair of the initiative. “One of the other strategies for us has been to leverage the seal of approval from the authorities,” such as Newmark.
Another part of the initiative will be to map where volunteers are serving by region of the country and the type of organization they serve. The number of volunteers counted so far is in the thousands, Powazek said. But the universe of people who could volunteer is likely far larger, said Ogée: as many as 200,000, based on the size of the cyber workforce and the percentage of Americans who volunteer.
“There’s extraordinary goodwill and extraordinary expertise out there, but it’s ad hoc and uncoordinated at this point in time,” said Ann Cleaveland, executive director of the center and also a co-chair of the project. Coordinating that work without seeming to be a “top-down” initiative will be one of the biggest challenges, Powazek said.
Another longer-term goal for the initiative is creating a world where volunteer solutions aren’t the only ones available to organizations like rural hospitals and water districts, municipalities and small businesses.
“As much as we are trying to put emphasis on cyber volunteering, and as much as we are profound believers in that solution as a short-term solution to bridge the talent gap to service those underresourced organizations, at the same time, we’re very mindful of not making it a long-term solution or creating a dependency amongst the communities we’re serving,” Ogée said. “Because it isn’t right that we have to resort to volunteers to help those organizations. There should be public resources attributed to helping the most vulnerable.”
The post Inside a new initiative to lend cybersecurity volunteers to organizations that need it most appeared first on CyberScoop.
“}]] – Read More – CyberScoop