In May 2019, the city of Baltimore, Maryland went through a cybersecurity nightmare. Held at ransom by cybercriminals who locked the city out of vital files, Baltimore resisted the pressure to pay, leading to monstrous recovery costs in the millions as services such as real estate transactions and bill payments took a severe hit.
MIT’s Cybersecurity Clinic now uses this incident as a significant case study. Helmed by lecturer Jungwoo Chun and Ford Professor Lawrence Susskind, the clinic was established in 2019 as part of the Department of Urban Studies and Planning. Its mission? To curb the rising threat of ransomware attacks targeted at public agencies and municipal governments.
The clinic format offers students practical hands-on training, ending with a certification exam. Students then form teams to evaluate client vulnerabilities and provide useful recommendations. Serving primarily New England healthcare organizations and municipalities, the clinic has performed upwards of 40 assessments.
Looking forward to 2025, the FBI’s Internet Crime Complaint Center anticipates a daily average of 2,765 cyberattacks on Americans. Small municipalities and hospitals that form the backbone of our infrastructure often lack the resources to fight these far-reaching attacks, which interrupt essential services and endanger personal data. It’s no small task, especially given that public sector budgets often struggle to match private sector salaries for cybersecurity experts.
Between 2018 and 2024, U.S. government entities fell victim to a staggering 525 ransomware attacks, resulting in an estimated $1.09 billion in downtime costs. Susskind calls for financially-strapped organizations to adopt a DIY approach with the clinic’s guidance, employing low-cost strategies.
Surprisingly, the cybersecurity program at MIT is not part of the computer science department, which is evidence of Chun and Susskind’s “defensive social engineering” approach. Their approach shows cybersecurity to be more than just a technical issue – the key vulnerability often lies in human error, despite the rapid advancement of AI introducing new tools for would-be criminals.
Students with diverse backgrounds get a more rounded understanding of cybersecurity challenges. This includes lecturers from the industry, discussing topics such as AI’s effect on cybersecurity and risk modeling’s role in financially-tight situations.
To prepare for field assignments, students spend the first few weeks going through online modules and discussions, mastering how to handle complicated interactions with clients. They must pass an exam to proceed. A focus on building client trust and delivering balanced assessments feeds into the skill-building process of the course.
Among the recommendations students learn, inventorying hardware and software, establishing multi-factor authentication, and preparation of response plans rate highly. Though not costly, these strategies can effectively cut the risk of cyberattacks drastically.
With over 120 alumni and with modules publicly available via MITx, the clinic model is expanding. Universities across the globe are now opening their own cybersecurity clinics. So, are you keen on enhancing your company’s cybersecurity through AI automation? Look no further than implementi.ai.
Discover more about this issue by visiting the original article here.
This website uses cookies.