This roundtable report explores how practitioners, researchers, educators, and government officials view work-based learning as a tool for strengthening the cybersecurity workforce. Participants engaged in an enriching discussion that ultimately provided insight and context into what makes work-based learning unique, effective, and valuable for the cyber workforce.

System-to-model innovation is an emerging innovation pathway in artificial intelligence that has driven progress in several prominent areas over the last decade. System-level innovations advance with the diffusion of AI and expand the base of contributors to leading-edge progress in the field. Countries that can identify and harness system-level innovations faster and more comprehensively will gain crucial economic and military advantages over competitors. This paper analyzes the benefits of system-to-model innovation and suggests a three-part framework to navigate the policy implications: protect, diffuse, and anticipate.

Federal prize competitions can help the U.S. government build a research and development ecosystem that incentivizes AI and cyber innovation and delivers for the American people. Over the last five years, prize competitions for AI and cyber innovation increased nearly 60%. When leveraged effectively, federal prize competitions offer unique benefits and can advance knowledge within a particular field or solicit solutions for specific government problems.

Artificial intelligence (AI) is beginning to change cybersecurity. This report takes a comprehensive look across cybersecurity to anticipate whether those changes will help cyber defense or offense. Rather than a single answer, there are many ways that AI will help both cyber attackers and defenders. The report finds that there are also several actions that defenders can take to tilt the odds to their favor.

We investigate the scale of attack and defense mathematically in the context of AI's possible effect on cybersecurity. For a given target today, highly scaled cyber attacks such as from worms or botnets typically all fail or all succeed.

Unlike other domains of conflict, and unlike other fields with high anticipated risk from AI, the cyber domain is intrinsically digital with a tight feedback loop between AI training and cyber application. Cyber may have some of the largest and earliest impacts from AI, so it is important to understand how the cyber domain may change as AI continues to advance. Our approach reviewed the literature, collecting nine arguments that have been proposed for offensive advantage in cyber conflict and nine proposed arguments for defensive advantage.

Despite recent upheaval in the AI policy landscape, AI evaluations—including AI red-teaming—will remain fundamental to understanding and governing the usage of AI systems and their impact on society. This blog post draws from a December 2024 CSET workshop on AI testing to outline challenges associated with improving red-teaming and suggest recommendations on how to address those challenges.

As new advanced AI systems roll out, there is widespread disagreement about malicious use risks. Are bad actors likely to misuse these tools for harm? This report presents a simple framework to guide the questions researchers ask—and the tools they use—to evaluate the likelihood of malicious use.

In response to the Office of Science and Technology Policy's request for input on an AI Action Plan, CSET provides key recommendations for advancing AI research, ensuring U.S. competitiveness, and maximizing benefits while mitigating risks. Our response highlights policies to strengthen the AI workforce, secure technology from illicit transfers, and foster an open and competitive AI ecosystem.

In his Tech Policy Press op-ed, Josh A. Goldstein discusses Meta's quarterly threat report, which highlights the discovery of five networks of fake accounts from Moldova, Iran, Lebanon, and two from India attempting to manipulate public debate.