This paper, published in partnership with the UC Berkeley Center for Long-Term Cybersecurity, highlights research indicating that “underserved” residents in San Francisco, California— including low-income residents, seniors, and foreign language speakers—face higher-than-average risks of being victims of cyber attacks. They are less likely to know whether they have even been victimized by a cyber attack, and they have lower awareness of cybersecurity risks. Partly as a result, they are less likely to access online services. This cybersecurity gap is a new “digital divide” that needs to be addressed—with urgency—by the public and private sectors alike.
We offer a framework of recommendations for how officials in U.S. cities can promote cybersecurity awareness among vulnerable undeserved populations. Drawing on our research in San Francisco, we provide a summary of our research methodology and findings, an implementation strategy for training, and a discussion of potential challenges that cities may face. The report is intended to help city leaders understand how they could better understand this issue in their own cities, and how they might forge public-private partnerships to address cybersecurity concerns at the system level.