MIT CYBERSECURITY CLINIC
The new MIT Cybersecurity Clinic (11.274 and 11.074) will be offered in both the fall and spring semester at MIT.
The Cybersecurity Clinic will consist of four-modules : Cybersecurity for Critical Urban Infrastructure: Understanding the Problem; How the MIT Cybersecurity Clinic Makes Initial Contact with potential Client Agencies; Onsite Assessment of Cybersecurity Vulnerability by MIT Clinic Staff; and Prepare and Submit a Final Cybersecurity Vulnerability Assessment to a Client Agency. MIT students who want to take on field assignments with the Cybersecurity Clinic (for academic credit) must pass the certification examination offered at the end of the fourth module.
Students who have achieved certification, will work in teams supervised by advanced doctoral and post-doctoral students during the last nine weeks of the spring semester to collaborate with an assigned client agency to prepare a Cyberattack Vulnerability Assessment for a client agency.
WHO WE ARE
We are developing a new class of non-technical strategies against cyberattacks called Defensive Social Engineering. Cyber defenders can use Defensive Social Engineering along with technical tools to defeat or compromise attackers. One technique in the Defensive Social Engineering toolbox is Cyber Negotiation. This research is supported by MIT’s Internet Policy Research Initiative (IPRI).
RESOURCES
Click here for a list of publications and resources
ABOUT THIS BLOG
click above to read more about this blog and watch the short animation below
-
USA Today: Cyberattacks on Critical Infrastructure Are Increasingly Common
-
CISA Proposed Cybersecurity Incident Reporting Requirements for Critical Infrastructure Companies Opened for Comment
-
Boston Globe: How to Thwart Hackers (Local Cybersecurity)
-
Quick guide to the 6 ways we can regulate AI (MIT Tech Review)
-
World agencies issue cybersecurity guidance for smart cities
-
The Electronic Frontier Foundation Opinion Piece on the U.N. Cybercrime Treaty
-
Cyberattacks on local governments 2020: findings from a key informant survey
-
strategic approach to identify, stop and punish cyberattackers (Third Way Cyber Enforcement Initiative)
-
Cyberattack Causes Trains to Stop in Denmark
-
US to launch ‘labeling’ rating program for internet-connected devices in 2023
-
BCCS 2019: Strengthening Cybersecurity through Relationships
James Comey at the 2017 Boston Conference on Cyber Security | Woods College, Boston College On March 6, Boston College and the Federal Bureau of Investigation convened the Third Annual Boston Conference on Cybersecurity. The…
-
3Q with Greg Falco
Gregory Falco | Ian MacLellan Reposted from Rob Matheson's MIT News Story, published on March 4th, 2019. In ransomware cyberattacks, hackers steal a victim’s sensitive data and threaten to publish or block access to it…
-
Bringing Utilities to the Table to Talk About Cybersecurity
The Seven Principles and Five Areas defined in the CT Cybersecurity Action Plan | Takeo Kuwabara Fostering collaboration on cybersecurity between private energy utilities and state governments can be challenging. Utilities are hesitant to disclose…
-
Congress Establishes Cybersecurity and Information Security Agency, Heightening National Focus on Critical Infrastructure Protection
The Cybersecurity and Infrastructure Security Agency (CISA) On November 16, 2018 President Trump signed the Cybersecurity and Information Security Agency Act (H.R. 3359) into law, amending the Homeland Security Act of 2002. The law reorganizes…
-
A Conversation with Massachusetts’ Chief Information Officer
National Institute of Standards and Technology, U.S. Department of Commerce (NIST) N. Hanacek On October 31, 2018 the Securing the Enterprise Conference at MIT brought together cyber security experts from business, government officials, and academia…
-
States on the front Line of Cyberdefense: in Agreement with Connecticut’s Cybersecurity Risk Officer
Electricity Distribution Arthur House, the chief cybersecurity risk officer for Connecticut, recently penned a column in the Washington Post titled “We’d be crippled by a cyberattack on our utilities.” We agree. Given that “the states,…
-
A Response to the Smart City Technical Vulnerability Report
Smart City Concept from 'How to Outsmart the Smart City' On August 9th 2018, during the major Security conference Black Hat, security researchers from IBM and Threatcare announced major technical vulnerabilities in a variety of…
-
The Value of Metrics in Combatting Cyberattacks
Fort Meade Alliance Many organizations assume that all necessary security measures will eventually be baked into everyone’s job. However, in our experience, top cyber security experts express trepidation about relying too heavily on metrics, or…
-
To defend cities from cyberattack, think like a hacker
San Francisco Chronicle John Spink / Atlanta Journal-Constitution Our cities are under attack. In the past two months, two major cyberattacks have targeted urban critical infrastructure and services. In February, Colorado’s Department of Transportation had…
-
What is the Real Role and Advice from the FBI for Combating Ransomware? – Part Two
We had the opportunity to meet with agents from the Cyber Crime Division of the FBI to get a first-hand account of the FBI’s perspective on ransomware as well as their role in helping organizations.…