News / August 2023

Public Interest Cybersecurity Leaders Engage at White House, BlackHat, DEF CON

Leaders from the Center for Long-Term Cybersecurity’s Public Interest Cybersecurity Program have been on the road participating in a diverse set of panels and conferences, including a White House Summit and the Black Hat and DEF CON 31 hacker conferences.

On August 7, Sarah Powazek, Director of CLTC’s Public Interest Cybersecurity Program, attended “Back to School Safely: Cybersecurity Summit for K-12 School,” a White House convening at which representatives from the Biden-⁠Harris Administration — including First Lady Jill Biden, Secretary of Education Miguel Cardona, and Secretary of Homeland Security Alejandro Mayorkas— announced a series of new actions to strengthen the cyberdefenses of K-12 schools across the country. 

Sarah Powazek at the White House
Sarah Powazek at the White House

The Summit brought together a range of stakeholders — including school superintendents, teachers, funders, administrators, and researchers — to discuss approaches to defending the nation’s 13,000 school districts from ransomware and other online attacks. Powazek met with a range of public- and private-sector leaders, including Marc Rogers, Executive Director of Cybersecurity at Okta and a member of the Ransomware Task Force, as well as representatives from the Office of the National Cyber Director.

The next day, Powazek was in Las Vegas, where she moderated a panel at the UNLV Summit Supporting the National Cyber Workforce and Education Strategy, an event focused on the Biden-Harris Administration’s National Cyber Workforce and Education Strategy (NCWES). Released on July 31, the NCWES provides a roadmap for developing the cybersecurity workforce of the future, including through the continued expansion of cybersecurity clinics in states across the nation. The Summit included leaders from both the private and public sectors, including Kemba Walden, Acting National Cyber Director.

Powazek’s panel, entitled “All Stakeholder Initiative on Cybersecurity Education and Workforce Development,” included Ayan Islam, Director, Cyber Workforce in the Office of the National Cyber Director; Rob Rashotte, Vice President, Global Training & Technical Field Enablement at Fortinet; Amelia Gulling, Founder of GSD Consulting and former VP of Development, Marketing, & Operations for the Robotics Education and Competition Foundation (organizer of Battlebots); and Yoohwan Kim, Professor of Computer Science at the University of Nevada, Las Vegas.

“The panel focused on the importance of training the next generation of cyber defenders, the benefits of a diverse cyber community, and keeping cyber ‘weird’ and open to folks of different educational backgrounds,” Powazek said. “Immediately following the panel, panelists made public commitments to the White House National Cyber Workforce and Education Strategy.” (The stakeholder commitments for the strategy made to date can be found here.)

During that week, Powazek also volunteered for Policy@DEF CON, a group that organizes policy-leaning cyber conversations and panels during the DEF CON conference, and she participated in multiple DEF CON panels, including “Building the Hacker Talent Pipeline Through Workforce and Education Ecosystems,” and “How Hackers Can Work with Government, Industry, Civil Society to Protect High-Risk Communities.” Powazek highlighted the key role that academia — and particularly cybersecurity clinics — can play in cyber defense at the local and state levels.

Sarah Powazek (center) with fellow volunteers for Policy@DEF CON

Powazek also met with leaders like Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA), as well as government officials from multiple states. She shared how the cybersecurity clinic model provides a pathway for states to tap the talents of students to help secure civic infrastructure, including election systems. “Students are critical cyber defenders, and prove that you don’t need to be an expert to be of service,” she said. “Cyber clinics provide students a way of helping under-resourced organizations across the country with basic cyber hygiene.”

Meanwhile, Tiffany Rad, lead instructor for UC Berkeley’s Citizen Clinic, delivered a presentation at both the Black Hat USA 2023 and DEF CON conferences entitled “Civil Cyber Defense: Use Your Resources to Defend Non-Profits as They Combat Human Trafficking and Subvert Authoritarian Regimes.”

In her talk, Rad shared recommendations for how individuals and organizations can assist vulnerable organizations that are at high risk for online attacks or face advanced and persistent adversaries, but have limited resources. She also spread word about the Google Cybersecurity Clinics Fund, through which universities can receive funding to launch cyber clinics with the support of the Consortium of Cybersecurity Clinics, which CLTC co-founded and helps direct.

Tiffany Rad and Austin Shamlin on stage at the Black Hat Conference in Las Vegas

She was joined by Austin Shamlin, Co-Founder of Traverse Project, a nonprofit working to combat human trafficking networks that is currently receiving assistance from students enrolled in the Citizen Clinic. Shamlin delivered a presentation on Traverse Project, and explained the value of working with students from Citizen Clinic, some of whom have continued to volunteer after their term ended.

Following their presentations, dozens of attendees approached the speakers, many offering to lend their support and asking how to get involved. “A lot of people in this community do a lot of volunteer service and give a lot of their time,” Rad says. “I knew that people with very extraordinary skills were going to be there, skills that we need, including the analytical skills that hackers have, but also fields like law, policy, and management. We need help with all of that, because when we step in and do this work for our clients, it’s not only about technical remediations. It was really a good opportunity to get the word out about what Citizen Clinic and CLTC are doing.”