E61 - Cybersecurity's Last Mile Problem

Posted on July 1, 2025
UC Berkeley CLTC’s roadmap for community cyber defense: hospitals, schools, utilities, and local governments face enterprise-grade threats with minimal resources. Five building blocks for community resilience.

By FIR Risk Advisory | Cybersecurity Fraud Intelligence

Weekly Risk Intelligence Brief  

Source: UC Berkeley CLTC — The Roadmap to Community Cyber Defense (June 2025)

The 30-Second Brief  

UC Berkeley’s Center for Long-Term Cybersecurity published a strategic roadmap for community cyber defense. The premise: the organizations most vulnerable to cyberattacks — nonprofits, hospitals, schools, utilities, local governments, and small businesses — are the ones least equipped to defend themselves.

This is cybersecurity’s last mile problem. Enterprise security has matured. Community security hasn’t. And attackers know it.


The Community Defense Gap  

Who’s Most Vulnerable  

The organizations that form the backbone of communities — hospitals, school districts, water utilities, local governments, nonprofits — face the same threat actors as Fortune 500 companies. But they operate with a fraction of the budget, talent, and tooling.

These aren’t edge cases. They’re the majority of organizations in the United States. And they’re increasingly targeted because attackers know the defenses are thin.

INTEL [SECTOR ALERT]: Community organizations — hospitals, schools, utilities, local governments, nonprofits — face enterprise-grade threats with minimal security resources. Attackers increasingly target these organizations precisely because defenses are thin. Federal and state cyber programs must prioritize closing this gap.


Five Building Blocks of Community Cyber Defense  

CLTC identifies five foundational capabilities for building community-level cyber resilience:

1. Trust-Building  

Ground relationships in community needs and mutual benefit. Cyber defense at the community level requires trust between government agencies, nonprofits, and private sector partners before a crisis hits.

2. Service Provision  

Deliver practical cybersecurity services — threat monitoring, incident response, vulnerability assessments — to organizations that can’t build these capabilities internally.

3. Information Sharing  

Facilitate trusted, contextual information exchanges. Community organizations need threat intelligence tailored to their sector and scale, not enterprise-grade feeds they can’t operationalize.

4. Policy & Governance  

Establish inclusive decision-making and oversight frameworks. Community cyber defense requires governance structures that include the organizations being defended, not just the agencies providing defense.

5. Sustainability  

Design for long-term viability through diversified funding and workforce development. Grant-funded pilot programs aren’t enough — community cyber defense needs sustainable funding models.

INTEL [GLOBAL RECOMMENDATION]: CLTC’s five building blocks — trust, services, information sharing, governance, and sustainability — provide a framework for community cyber defense. Organizations involved in regional cyber capacity-building should use this roadmap to structure their programs. The gap between enterprise and community security is where the next wave of attacks will concentrate.


Policy Recommendations  

Federal and state investments should target:

  • Regional cyber hubs serving local governments, nonprofits, and small businesses — centralized expertise for organizations that can’t hire their own security teams
  • Digital civil defense corps — scaling skilled volunteerism to extend cybersecurity expertise into underserved communities
  • Equity-focused policy design — ensuring vulnerable communities receive proportionate resources, not just the organizations with the loudest advocacy

INTEL [REGULATORY]: CLTC recommends federal investment in regional cyber hubs, digital civil defense corps, and equity-focused cyber policy. These aren’t aspirational — they’re practical models that can be funded and deployed. State and federal policymakers should evaluate these recommendations against current CISA and state-level cyber grant programs.


What Leaders Should Do Now  

  1. Engage with regional cyber capacity-building — If your organization serves community infrastructure, participate in regional cyber defense initiatives. The threat landscape affects your partners and supply chain too.

  2. Support digital infrastructure funding — Advocate for public-interest cybersecurity funding in your policy engagement. Community security is supply chain security.

  3. Share expertise — Enterprise security teams have knowledge that community organizations desperately need. Structured volunteer programs, mentorship, and information sharing are force multipliers.


The Bottom Line  

Cybersecurity’s last mile problem is real. The organizations that communities depend on — hospitals, schools, utilities, local governments — are the least defended and increasingly targeted. UC Berkeley’s CLTC provides a practical roadmap: trust, services, sharing, governance, and sustainability.

Enterprise security doesn’t exist in isolation. When community organizations fall, the impact ripples through supply chains, public services, and the people who depend on them.

