 Hi. My name is Ann Cleveland. I'm the Executive Director of the UC Berkeley Center for Long-Term Cybersecurity. Last year, along with other founding members from MIT, the University of Alabama, Indiana University, and others, we founded the National Consortium of Cybersecurity Clinics. The National Consortium of Cybersecurity Clinics is a network of university-based cybersecurity clinics that are all working to help public interest organizations improve their cybersecurity defenses free of charge. The model is similar to clinics in law and medicine, where student teams are trained to help organizations at risk of cyberattack to improve their defenses. Clinics in the consortium help organizations ranging from cities and towns to hospitals to human rights activists, journalists, critical infrastructure providers, and small businesses. University-based cybersecurity clinics are a way for public interest technology universities to meet their ideals and responsibilities for public service. The consortium is benefiting PITUN in a couple of ways. First, we're helping existing clinics strengthen and connect with each other. This includes peer networking for faculty, staff, and students in our clinics, and we're creating a clearinghouse of resources for cybersecurity clinics, including curriculum, teaching materials, and operational materials. We're also helping university-based clinics connect to others in the cybersecurity technical assistance field. This would be other allies, other advocates, other providers of training materials, like the Global Cyber Alliance. We're also lowering the barriers for other universities, colleges, and community colleges to create their own clinics, and you can think about this in a few different ways. There's a planning phase for a new clinic, so we're helping people think about questions like, how do I get institutional buy-in? What kind of clients should my clinic serve? Should I start with graduate students or with undergraduates? Another big consideration for clinics is the mechanics of running a clinic, so we're helping people think through the processes and the technical controls that will help keep clinic students and clients safe during a cybersecurity engagement. And of course, then there's curriculum. Consortium members have contributed instructional materials, syllabi, lecture notes, anything that would help a new clinic lower the time to start up. So if you happen to be watching this and you're interested in potentially starting a cybersecurity clinic at your institution, please get in touch. So I think there are three ingredients to good partnerships between PITUN members. First, you have to start with a shared excitement and shared passion around the topic. We just happen to have a group that is really excited about the win-win that is a cybersecurity clinic. This idea that we can train the next generation of cybersecurity professionals while at the same time helping important community and public interest organizations improve their cybersecurity self-defenses. The second ingredient is an ambitious vision. We spent the first few meetings of the National Cybersecurity Clinic Consortium developing a vision that was really inspiring to the membership. The vision of the National Consortium of Cybersecurity Clinics is having a university-based clinic in every state and every region to serve that local community in the next decade. Everybody's motivated to grow and improve their own clinics, but we also have a shared vision and a shared commitment for improving the whole field. And then last but not least, of course you need resources. I can't say enough about what consortium members have contributed on a volunteer basis to stand up the consortium, but communities of practice don't magically convene themselves. Faculty are really busy and they'll vote with their feet if they aren't getting value out of the partnership. So we're incredibly grateful to PI2UN for having provided the seed funding for staff and leadership time to steward the group, to advance an agenda that's more than the sum of the parts, to do outreach and to curate the clearinghouse of resources that we have for clinicians. Hi, I'm Lisa Ho, academic director for MICS, the master of information in cybersecurity degree program at UC Berkeley in the School of Information. When working with cybersecurity clinic clients, one of the things that we've found very valuable to successful outcomes is investing in building trust. Building trust is so important, particularly when doing vulnerability assessments, because it can be disarming and uncomfortable to learn about your weaknesses, especially with smaller organizations. It may feel personal to those involved. So a few of the processes that we've found are helpful in building trust are first, formal processes such as confidentiality agreements that students, faculty and staff sign. These give a baseline level of assurance to clients. Second, even just acknowledging upfront that it may be uncomfortable helps clients get prepared for the mental process and the emotional process involved. Third, at the UC Berkeley's citizen clinic model, the faculty have a key role in establishing a relationship with the client before turning over interviewing to the students. In this way, the clients know that they have a trusted entity that they can turn to if needed. Students are very motivated by the service opportunity to help deserving organizations defend themselves. For students who are already studying cybersecurity, the value of hands-on work with clients is clear. Even if the students are already working cybersecurity professionals, as many in our program are, helping very small organizations on a shoestring budget requires a whole new framing of cybersecurity problems and solutions. Students are excited by that. We also invite students from all across campus who don't have a background in cybersecurity to join the clinic. They're also motivated by the mission of helping organizations who are doing important public service and social justice and humanitarian work. We're reaching out to students with the message that cybersecurity is an essential skill in any domain and there's room in cybersecurity for people with all kinds of backgrounds. Because working with clients requires more than technical expertise, there's the need to do background research on the client's contextual environment. There is interviewing and relationship building with the client, policy and procedure drafting, report writing, training, all kinds of skills are needed. Cybersecurity is both a social and technical domain and cybersecurity clinics help students from all fields see that there is a career path for them in cybersecurity. Where do we see the field of public interest technology in five years? Something we often say here at the UC Berkeley Center for Long-Term Cybersecurity is that cybersecurity is everything where humans and machines intersect that is important enough to be called security. So five years from now, I think we will see to a much greater degree than we see now students from a variety of disciplines being able to see that there is a place for them in the cybersecurity field. Cybersecurity is instrumental and an enabler to so many things that we care about. Democracy, free speech, human rights, functioning cities and public health infrastructure. So for me, seeing the field of public interest cybersecurity recognized as a priority in its own right in the next five years within the field of public interest technology is essential. As I mentioned before, the vision of the National Consortium of Cybersecurity Clinics is to have a university-based clinic in every state and region in the next decade. This is so important if we're going to have the next generation of public interest technologists who are trained to think about the security implications of the technologies that they deploy. And this is not just a technical question, this is about people and policy, human behavior, ethics and economics. So many of our industry colleagues tell us that they need graduates who can, for example, know how to build secure machine learning products. This is just as profoundly essential for the field of public interest technology as it is for industry. Please reach out if you'd like to learn more. You can find us at cltc.berkeley.edu and coming soon, the National Consortium of Cybersecurity Clinics will have a public website at cybersecurityclinics.org. Thanks so much.