Full Report
The idea behind the initiative, details of which CyberScoop is first reporting, is that too much cyber expertise doing volunteer work is uncoordinated. The post Inside a new initiative to lend cybersecurity volunteers to organizations that need it most appeared first on CyberScoop.
Analysis Summary
# Main Topic
**Cyber Resilience Corps Initiative: Coordination of Cybersecurity Volunteer Expertise for Vulnerable Organizations**
The primary narrative concerns the launch of a new initiative, the Cyber Resilience Corps, led by UC Berkeley’s Center for Long-Term Cybersecurity and the CyberPeace Institute. The main goal is to coordinate the efforts of numerous existing cybersecurity volunteer programs to better serve under-resourced and vulnerable organizations susceptible to cyberattacks like ransomware.
## Key Points
- The initiative addresses the problem of uncoordinated volunteer cybersecurity expertise currently available.
- The core target beneficiaries are at-risk community organizations lacking financial resources and talent for cyber resilience, such as schools and nonprofits.
- The project aims to connect existing siloed volunteering programs to improve service delivery and share best practices.
- The effort is backed by over $2 million in grants from Craig Newmark Philanthropies.
- Coalition partners include the Franklin Project, CISA's Joint Cyber Defense Collaborative (JCDC), NGO-ISAC, the Consortium of Cybersecurity Clinics, CyberPeace Builders, and Undisruptable27.
- Information about available volunteers is planned to be shared via a dedicated website.
## Threat Actors
- No specific threat actors or malicious groups were detailed in relation to the remediation efforts, as the focus is on organizing defense volunteers.
- The threats being defended against are characterized generally as "basic cyberattacks like ransomware."
## TTPs
- The context primarily discusses defensive strategies rather than offensive TTPs.
- The identified threats requiring defense include **Ransomware** attacks targeting vulnerable organizations.
- No specific Tactics, Techniques, and Procedures (TTPs) used by attackers were enumerated.
## Affected Systems
- The primary affected group consists of **vulnerable organizations with few resources**, specifically mentioning:
- Schools
- Nonprofits
- The implication is that any system within these organizations is at risk due to lack of inherent cyber resilience.
## Mitigations
- **Coordination and communication** among existing volunteer cybersecurity programs.
- **Leveraging volunteer expertise** to assist organizations with cyber defense.
- **Information sharing** about volunteers through a dedicated platform to facilitate service delivery.
- **Focus on Cyber Resilience** against common threats like ransomware.
## Conclusion
The Cyber Resilience Corps represents a significant organizational effort to centralize and streamline volunteer cyber assistance. While the report does not detail specific ongoing attacks, its existence signals recognition that small, resource-limited organizations are critically exposed to common threats like ransomware and require coordinated external support to build basic cyber resilience.