Last April, the Hewlett Foundation announced that it would be winding down its nuclear security program, while at the same time ramping up its new cybersecurity initiative. Originally, Hewlett earmarked around $20 million to the project, which was to be given out over five years to academics and policy groups.
But later in the year, the foundation blew its initial $20 million budget out of the water by pledging $45 million to MIT, Stanford, and UC Berkeley. Each school received $15 million to establish major academic initiatives addressing growing cybersecurity concerns and threats.
Now Hewlett is tapping yet another elite school for its cybersecurity program—this time, with a $380,000 grant to Harvard. Hewlett’s grant to Harvard is a substantially smaller grant compared with the $15 million that went to MIT, Stanford, and UC Berkeley. Its focus is different as well.
The Harvard grant has been allocated to the Berkman Center, and the first part of this project involves engaging top level cybersecurity brainiacs from government, business, academia, and civil society. These practitioners will provide diverse perspectives on issues like surveillance and privacy as well as offer new ideas regarding the role of the state in the promotion of cybersecurity.
The second part of the project involves gathering private data and promoting its use for the greater public good. This would include disclosing cybersecurity vulnerabilities in real time. This part remains a little bit vague as it doesn’t point to exactly what type of cybersecurity vulnerabilities will be disclosed or what potential impact those disclosures could have if revealed in "real time."
Recent security breaches in cyberspace ranging from the Home Depot data breach, to the U.S. indicting five Chinese military hackers for economic espionage, among other charges, surely help to explain Hewlett’s expanded push to get the largely disjointed and nascent field of cybersecurity up and running at full steam.
Why the big investment in universities? Hewlett president Larry Kramer, a former academic himself, has explained that government and industry are already spending billions of dollars to address the most urgent cybersecurity threats. Instead of working that front, Hewlett is looking to bridge the gap between immediate threats and long-term policies. As Kramer has put it:
This is a kind of work that necessarily takes time and that great research universities are uniquely capable of doing. Equally important, there is a shortage of people with the necessary combination of technology and policy expertise needed to develop appropriate policy solutions, and we need to support universities to begin training them and generating a talent pipeline.
It’s important to also note that Hewlett’s cybersecurity program isn’t exclusively funding academic work. Outside of the $45 million committed to MIT, Stanford and UC Berkeley, and the new money going to Harvard, the cybersecurity program has awarded around $2 million in grants so far.
The largest grant of that group was $1 million to the New America Foundation to support the establishment of an interdisciplinary center. The center will bring together big thinkers in international security, technology policy, human rights, social justice, and cybersecurity to help increase cybersecurity awareness and understanding.