Skip to the main content

Berklett Cybersecurity


The Internet and the devices attached to it are, in important ways, broken. They are not secure. And yet we depend on them – and treasure the openness that in some ways is at the root of some vulnerability.

Solutions to this problem are not only difficult to develop, but also exquisitely hard to implement. The Internet environment is a distinctly shared space: it comprises many interdependencies and perspectives among the public and private sectors.  Governance of some central functions has been distributed among many parties, both government and private, and undertaken by consensus and practice, rather than formal and by fiat. While a high proportion of Internet infrastructure is private, and some governments have carved out a central role in cybersecurity, action taken by government and corporate actors has been highly fragmented.

Further complicating matters, trust in government – in particular the intelligence community – to help address the mounting concerns around cybersecurity is low. Moreover, the level of engagement by civil society groups and academia has been notably lacking, beyond noting the impact on individual freedom of particular security proposals. Comprehensive cybersecurity frameworks that recognize and build upon the distributed and generative nature of the Internet have not received adequate support, and suffer from a lack of coordination. Basic cybersecurity vulnerabilities are not sufficiently owned by any combination of parties, and actions by stakeholders may not be sufficiently considered with an eye to changes in systemic risk that those actions could cause.

Launched in 2015, the Berklett Cybersecurity project is a unique forum for discussing true and important, and often novel, facts, and perspectives, and achieving surprising consensus on enduring questions of cybersecurity.  The project is led by Prof. Jonathan Zittrain and former National Security Agency (NSA) Director of Compliance John DeLong, in close collaboration with security technologist Bruce Schneier, and Matthew Olsen, the former Director of the U.S. National Counterterrorism Center (NCTC). 

At the heart of the project is an unprecedentedly diverse group of experts who convene regularly to thoughtfully discuss cybersecurity topics core to government, foreign intelligence, law enforcement, civil society, and industry.  The group includes current and former members of the US Intelligence Community and representatives from major technology companies as well as security and policy experts from academia and civil society. In 2016, the project published its first report – “Don’t Panic: Making Progress on the ‘Going Dark’ Debate” – which took on claims and questions around the government finding a landscape that is “going dark” due to new forms of encryption introduced into mainstream products by the companies who offer them. The New York Times’ national security correspondent, David Sanger, described Don’t Panic as “unusual because it involved technical experts, civil libertarians and officials who are, or have been, on the forefront of counterterrorism” and “among the sharpest counterpoints yet” in the encryption debate.  In a speech at MIT in March 2016, Robert Hannigan, then Director of the U.K.’s Government Communications Headquarters (GCHQ), recounted the report as one of “the key contributions of the last few years in my area.”

While the group at times publishes specific reports or articles – attributed to the group as a whole or authored by a subset of its members with input from the full group – the main purpose is to achieve a depth of trusted and honest discussion across a broad range of issues at the intersection of cybersecurity and government to significantly advance thoughtful progress on these complex issues.

This project is supported in part by the William and Flora Hewlett Foundation. 

Our Work 05

Feb 5, 2019

"Don't Panic: Making Progress on the 'Going Dark' Debate" now in Portuguese.

"Don't Panic: Making Progress on the 'Going Dark' Debate" now in Portuguese after translation by ITS Rio

The New York Times
Jun 2, 2018

From Westworld to Best World for the Internet of Things

"While procrastination around security has been vital to the expansion of the internet, 'later' doesn’t mean 'never,'" explains Jonathan Zittrain in this NY Times opinion. "We can…

Sep 13, 2017

Cross-Border Data Access Reform

A Primer on the Proposed U.S.-U.K. Agreement

A brief primer on how cross-border data access requests currently work, options for reform, and major challenges to reform ahead.

Feb 1, 2016

Don't Panic: Making Progress on the "Going Dark" Debate

This report from the Berkman Center's Berklett Cybersecurity Project offers a new perspective on the "going dark" debate from the discussion, debate, and analyses of an…

Mar 25, 2015 @ 6:00 PM

Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World

With Berkman Fellow, Bruce Schneier. Moderated by Jonathan Zittrain with special guests, Yochai Benkler, Joe Nye, Sara Watson and Melissa Hathaway.

In Data and Goliath, security expert Bruce Schneier offers another path, one that values both security and privacy. He shows us exactly what we can do to reform our government…

People 07

Point of Contact