Consortium of Cybersecurity Clinics
  • About
    • Consortium History
    • Our Funders
    • Meet the Team
  • Members
  • Resources
  • Newsroom
    • In the News
    • Blog
  • Contact
    • Contact Us
    • Consortium FAQs
  • Support
  • About
    • Consortium History
    • Our Funders
    • Meet the Team
  • Members
  • Resources
  • Newsroom
    • In the News
    • Blog
  • Contact
    • Contact Us
    • Consortium FAQs
  • Support

A $10 million program to train students in cybersecurity across Europe

Month: November 2023

A $10 million program to train students in cybersecurity across Europe

By Phil Venables | November 29, 2023June 6, 2025

Consortium Hosts Fall 2023 “Clinic of Clinics”

November 29, 2023June 6, 2025

Students and faculty from 11 cybersecurity clinics joined to learn about cyber careers and tackle a scenario on hacktivism

BY SHANNON PIERSON, PUBLIC-INTEREST CYBERSECURITY FELLOW, CENTER FOR LONG-TERM CYBERSECURITY

On November 9, the Consortium of Cybersecurity Clinics hosted its semesterly “Clinic of Clinics”, a virtual event for students participating in cybersecurity clinics around the world to network, hear from experts in the field, and engage in tabletop exercises and other activities. This fall, 87 students from 11 university-based cybersecurity clinics participated, our largest turnout yet.

The event kicked off with a briefing from Matthew Grote, Senior Lead for Cyber Defense Innovations at the Cybersecurity and Infrastructure Security Agency (CISA). Grote provided a comprehensive overview of the agency’s mission and responsibilities, plus an in-depth analysis of the cybersecurity challenges posed by some of the most pernicious state and non-state threat actors operating in cyberspace. 

Grote explained that CISA’s cybersecurity mission is to reduce the most significant cyber risks across domestic cyberspace by providing guidance, coordination, policy actions, no-cost services, grants, and leadership focus. The agency is devoted to securing critical infrastructure, fostering operational collaboration with industry partners to ensure the security of their technology, and disrupting threat campaigns orchestrated by advanced persistent threat (APT) groups from nation-states and ransomware entities.

He also emphasized that CISA allocates a significant portion of its efforts and resources to understanding, monitoring, and countering cyber threats originating from a handful of state and non-state actors. These actors include the People’s Republic of China, Russia, North Korea, and Iran, as well as criminal ransomware groups. These threat actors are becoming increasingly sophisticated and aggressive, capitalizing upon the vulnerabilities of an increasingly interconnected society composed of devices and systems that are inherently difficult to defend.

Grote said that students interested in pursuing a cybersecurity-related career in the federal government can explore job opportunities on CISA’s career page, and they can pursue federal internships and scholarship and fellowship programs through CISA’s annual internship program, the CyberCorps: Scholarship for Service, the Presidential Management Fellows Program, and the Presidential Innovation Fellows Program.

Grote underscored the risks posed by adversaries in cyberspace to U.S. critical infrastructure, emphasizing CISA’s pivotal role in thwarting and safeguarding against imminent threats. 

“China is almost certainly capable of launching cyber attacks that could disrupt critical infrastructure services in the U.S., particularly against oil and gas pipelines and rail systems,” Grote said. “That capability is something we worry about at CISA. Our work focuses on hardening these networks to ensure we are prepared.”

Following Grote’s presentation, staff from the Atlantic Council’s Cyber Statecraft Initiative led students in a tabletop exercise based on a fictional scenario in which a cyberattack on a desalination plant in Los Angeles during the 2026 FIFA Men’s World Cup threatens the water supply in the region. In the narrative, an anti-capitalist hacktivist group claims responsibility for the attack, stating that its primary objective is to raise awareness about the cost-of-living crisis and housing insecurity in Los Angeles.

Students were assigned to smaller groups in breakout rooms. They analyzed the cyber incident by scrutinizing both facts and assumptions in the scenario, identifying relevant stakeholders, and formulating policy recommendations. They also outlined short-, medium-, and long-term objectives and evaluated worst-case versus likely outcomes. Finally, students deliberated on effective public communications strategies and reflected upon the increasing role of software and technology in society, proposing interventions that could prevent such incidents from occurring in the future.

The Atlantic Council’s learning activity, which was based off of scenarios they previously ran for the Cyber 9/12 Strategy Challenge, provided students from the cybersecurity clinics with a deeper understanding of the policy and strategy challenges associated with managing trade offs during a cyber crisis.

“We were debating back and forth about whether covert or overt action was the best practice initially,”  said Kincaid Keating, a student from the University of Alabama. “We eventually concluded that we should keep incident response covert and public communication about the attack limited until we obtained more information, scoped the damage, and obtained concrete facts about the incident. From that point, we discussed pulling in the appropriate agencies and building a team to look into this cyber incident to determine what assets were compromised and how this attack happened, and to begin system recovery.”

The exercise debrief concluded what was the most well-attended Clinic of Clinics in the Consortium’s history. Students who participated in the event will receive a custom mint-green challenge coin. They can collect a new coin for each Clinic of Clinics they participate in.

CLTC sends our sincere thanks to CISA, the Atlantic Council, and everyone who participated! Stay tuned for more from this community of public interest cyber defenders.

Forbes: How A Cyberattack Led To Innovation At Stillman College

By Marybeth Gasman | November 3, 2023June 6, 2025

IU Cybersecurity clinic helps secure data while giving students hands on experience

By Meredith Hackler | November 2, 2023June 6, 2025

Recent Posts

  • Event Recap: Spring 2025 “Clinic of Clinics”
  • Arizona High Schools to Launch Cybersecurity Clinics
  • The Feds Need to Step Up on Cybersecurity
  • West Virginia State University Celebrates Opening of Cybersecurity Clinic
  • SBA-Backed NJRIC Offering Free Accelerator Program and Cyber Risk Assessments

Recent Comments

No comments to show.

Archives

  • May 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • November 2023
  • October 2023
  • July 2023
  • June 2023
  • May 2023
  • March 2023
  • October 2022
  • September 2022
  • August 2022
  • May 2022
  • March 2022
  • February 2022
  • January 2022
  • November 2021
  • August 2020
  • July 2019

Categories

  • Consortium Blog
  • Featured
  • In The News
  • Uncategorized

Donate to the Consortium

Help build and expand university-based cybersecurity clinics.
Make a Gift Today

Subscribe to the Consortium

    Consortium of Cybersecurity Clinics
    • About
    • Resources
    • Newsroom
    • Contact
    • Support

    © 2025 The Consortium of Cybersecurity Clinics. All Rights Reserved. Privacy Policy Accessibility Nondiscrimination