MIT CYBERSECURITY CLINIC
The new MIT Cybersecurity Clinic (11.274 and 11.074) will be offered in both the fall and spring semester at MIT.
The Cybersecurity Clinic will consist of four-modules : Cybersecurity for Critical Urban Infrastructure: Understanding the Problem; How the MIT Cybersecurity Clinic Makes Initial Contact with potential Client Agencies; Onsite Assessment of Cybersecurity Vulnerability by MIT Clinic Staff; and Prepare and Submit a Final Cybersecurity Vulnerability Assessment to a Client Agency. MIT students who want to take on field assignments with the Cybersecurity Clinic (for academic credit) must pass the certification examination offered at the end of the fourth module.
Students who have achieved certification, will work in teams supervised by advanced doctoral and post-doctoral students during the last nine weeks of the spring semester to collaborate with an assigned client agency to prepare a Cyberattack Vulnerability Assessment for a client agency.
Learn more about the Cybersecurity Clinic and how to partner with us here.
WHO WE ARE
We are developing a new class of non-technical strategies against cyberattacks called Defensive Social Engineering. Cyber defenders can use Defensive Social Engineering along with technical tools to defeat or compromise attackers. One technique in the Defensive Social Engineering toolbox is Cyber Negotiation. This research is supported by MIT’s Internet Policy Research Initiative (IPRI).
RESOURCES
Click here for a list of publications and resources
ABOUT THIS BLOG
click above to read more about this blog and watch the short animation below
-
CIRCIA Proposed Regulations Uncertain Ahead of October Final Rule Publication
-
USA Today: Cyberattacks on Critical Infrastructure Are Increasingly Common
-
CISA Proposed Cybersecurity Incident Reporting Requirements for Critical Infrastructure Companies Opened for Comment
-
Boston Globe: How to Thwart Hackers (Local Cybersecurity)
-
Quick guide to the 6 ways we can regulate AI (MIT Tech Review)
-
World agencies issue cybersecurity guidance for smart cities
-
The Electronic Frontier Foundation Opinion Piece on the U.N. Cybercrime Treaty
-
Cyberattacks on local governments 2020: findings from a key informant survey
-
strategic approach to identify, stop and punish cyberattackers (Third Way Cyber Enforcement Initiative)
-
Cyberattack Causes Trains to Stop in Denmark
-
What is the Real Role and Advice from the FBI for Combating Ransomware? – Part Two
We had the opportunity to meet with agents from the Cyber Crime Division of the FBI to get a first-hand account of the FBI’s perspective on ransomware as well as their role in helping organizations.…
-
What is the Real Role and Advice from the FBI for Combating Ransomware? – Part One
Imagine the following: After being hit by the WannaCry Malware, Anywhere Utility Co activates its Cyber Security response protocol. This starts with convening the utility’s top IT experts to try to retrieve their locked data.…
-
Healthcare Held Hostage: When Ransomware Strikes Hospitals
BBC News Imagine you are a nurse working in a busy public hospital. You’re preparing for open heart surgery scheduled to occur in just one hour, and the surgeon needs to know the patient’s medical…
-
Cyberattacks by Nation-States
iSight/FireEye Cyber warfare is a weapon that weaker nation-states are using to try to level the geopolitical playing field. Iran and North Korea (stay tuned for our upcoming blog post on hospitals for more details…
-
Information security and awareness programs for critical urban infrastructure operators offer a non-technical line of defense against ransomware attacks
IBM's If the price is right, ransomware wins Cybersecurity experts agree it is crucial to educate early, so that good user practices are presented and enforced after an attack. “Education” in this context usually takes…
-
Cyber Attacks on Local Police Departments: When the Police Become the Victims
Norse Attack Map Cyberattacks are no longer a concern of just national national governments or large corporations. In recent years, various critical urban infrastructure departments ranging from electric utilities to hospitals have been affected by…
-
Planning for Cyber Threats: The Next Frontier of Hostage Negotiation
WannaCry Ransom Note | BBC News Many of the tactics commonly used in terrorist or hostage negotiations are not applicable to cyber-negotiation. Empathy-creating moves aimed at drawing in hostage-takers rarely work in a setting in…
-
Defensive Social Engineering offers an early response to cyber attacks
Lockheed Martin's Cyber Kill Chain Based on interviews with several Chief Information Security Officers (CISO) and Chief Information Officers (CIO) responsible for major urban infrastructure such as electric grids and transportation networks, we have concluded…
-
A New Malware Attack; The Defense Dynamic
Countries initially infected with WannaCry ransomware via Wikipedia Ransomware, the malicious software impacting all sectors of technology and infrastructure, boasts a unique approach to the cybercrime economy. These tools, once they execute on an infected…
-
Introducing Defensive Social Engineering
We are developing a new class of non-technical strategies against cyberattacks called Defensive Social Engineering. Cyber defenders can use Defensive Social Engineering along with technical tools to defeat or compromise attackers. One technique in the Defensive…