In the current cyber-threat environment, a well-educated workforce is critical to U.S. national security. Today, however, nearly six hundred thousand cybersecurity positions remain unfilled across the public and private sectors. This report explores high school cybersecurity competitions as a potential avenue for increasing the domestic cyber talent pipeline. The authors examine the competitions, their reach, and their impact on students’ educational and professional development.

We aim to demonstrate the value of mathematical models for policy debates about technological progress in cybersecurity by considering phishing, vulnerability discovery, and the dynamics between patching and exploitation. We then adjust the inputs to those mathematical models to match some possible advances in their underlying technology.

Adversarial patches are images designed to fool otherwise well-performing neural network-based computer vision models. Although these attacks were initially conceived of and studied digitally, in that the raw pixel values of the image were perturbed, recent work has demonstrated that these attacks can successfully transfer to the physical world. This can be accomplished by printing out the patch and adding it into scenes of newly captured images or video footage.

CSET Senior Fellow Andrew Lohn testified before the House of Representatives Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation at a hearing on "Securing the Future: Harnessing the Potential of Emerging Technologies While Mitigating Security Risks." Lohn discussed the application of AI systems in cybersecurity and AI’s vulnerabilities.

China’s State Key Laboratory system drives the country’s innovation in science and technology. A key part of China’s aim to reduce its dependence on foreign technology, these labs conduct cutting-edge basic and applied research, attract and train domestic and foreign talent, and conduct academic exchanges with foreign counterparts. These laboratories are spread across almost all Chinese provinces except Tibet, with the majority clustered in large coastal cities.

CSET Director Dewey Murdick testified before the Senate Select Committee on Intelligence hearing on "Countering the People’s Republic of China’s Economic and Technological Plan for Dominance." Murdick discussed China's strategy to move towards self-sufficiency in key technologies and steps the United States can take to respond.

CSET Senior Fellow Andrew Lohn testified before the House of Representatives Science, Space and Technology Subcommittee on Investigations and Oversight and Subcommittee on Research and Technology at a hearing on "Securing the Digital Commons: Open-Source Software Cybersecurity." Lohn discussed how the United States can maximize sharing within the artificial intelligence community while reducing risks to the AI supply chain.

CSET Senior Fellow Andrew Lohn testified before the U.S. Senate Armed Services Subcommittee on Cybersecurity hearing on artificial intelligence applications to operations in cyberspace. Lohn discussed AI's capabilities and vulnerabilities in cyber defenses and offenses.

Data Snapshots are informative descriptions and quick analyses that dig into CSET’s unique data resources. This is the fourth in a series of Snapshots exploring CSET’s Private-sector AI-Related Activity Tracker (PARAT). Check in every two weeks to see our newest Snapshot, and explore PARAT, which collects data related to companies’ AI research and development to inform analysis of the global AI sector.

Like traditional software, vulnerabilities in machine learning software can lead to sabotage or information leakages. Also like traditional software, sharing information about vulnerabilities helps defenders protect their systems and helps attackers exploit them. This brief examines some of the key differences between vulnerabilities in traditional and machine learning systems and how those differences can affect the vulnerability disclosure and remediation processes.