{"id":13218,"date":"2025-05-15T17:58:35","date_gmt":"2025-05-15T17:58:35","guid":{"rendered":"https:\/\/cybersecurityclinics.org\/?p=13218"},"modified":"2025-06-06T14:06:02","modified_gmt":"2025-06-06T14:06:02","slug":"event-recap-spring-2025-clinic-of-clinics","status":"publish","type":"post","link":"https:\/\/cybersecurityclinics.org\/blog\/event-recap-spring-2025-clinic-of-clinics\/","title":{"rendered":"Event Recap: Spring 2025 \u201cClinic of Clinics\u201d"},"content":{"rendered":"\n

On April 24, 2025, the Consortium of Cybersecurity Clinics held the Spring 2025 \u201cClinic of Clinics\u201d event, bringing together over 140 students from more than 40 Cybersecurity Clinics across the world. This is a biannual event held each semester and gives students who are working in their school\u2019s  cybersecurity clinic a chance to connect with peers and learn from top experts in the field.<\/p>\n\n\n\n

The Consortium of Cybersecurity Clinics is a collaborative network of higher education-based cybersecurity clinics focused on serving community organizations. The Consortium plays a key role in connecting these clinics, sharing resources, and assessing the impact of clinics on students and the communities they serve.<\/p>\n\n\n\n

General (Ret.) Paul M. Nakasone<\/strong><\/h4>\n\n\n\n

The highlight of the event was a keynote by General (Ret.) Paul M. Nakasone<\/a>, who led as the former Director of the National Security Agency (NSA) and Commander at U.S. Cyber Command. He is now the founding director of Vanderbilt University\u2019s Institute for National Security<\/a>.<\/p>\n\n\n\n

Inside the NSA and U.S. Cyber Command<\/strong><\/h4>\n\n\n
\n
\"\"
Paul M. Nakasone<\/center><\/figcaption><\/figure>\n<\/div>\n\n\n

General Nakasone started the keynote with a powerful and inspiring statement for the students in attendance, \u201cThe future is about talent, and you represent that talent.\u201d He then shared his experiences in the former roles at the National Security Agency (NSA) and U.S. Cyber Command, two organizations that play a very crucial role in securing the nation’s digital infrastructure. He explained the simple yet powerful mission of the NSA: \u201cWe make code, and we break code.\u201d The NSA develops cryptographic keys, codes, and encryption technologies in order to protect the country’s most sensitive communications and defense platforms. NSA also plays a critical role in national intelligence by monitoring adversarial activity.<\/p>\n\n\n\n

As for U.S. Cyber Command, General Nakasone outlined three core missions:<\/p>\n\n\n\n

    \n
  1. Defending Department of Defense networks, data, and weapon systems: Supporting over 4.5 million users and maintaining constant mobility, this infrastructure serves as the foundation for global military operations.<\/li>\n\n\n\n
  2. Providing cyber support to U.S. forces deployed worldwide: From Korea to Iraq and Afghanistan, Cyber Command maintains cyber readiness and protection in active military environments.<\/li>\n\n\n\n
  3. Protecting the nation in cyberspace: Cyber Command works with the Department of Homeland Security (DHS), the FBI, and the private sector to protect US elections and other critical democratic functions from foreign interference.<\/li>\n<\/ol>\n\n\n\n

    Disruptive Technologies and the Importance of Adaptation<\/strong><\/h4>\n\n\n\n

    The keynote was structured with three core themes: disruptive technologies, the current state of cybersecurity, and the skill sets needed for tomorrow\u2019s leaders. To demonstrate the impact of disruptive technologies, General Nakasone talked about Steve Jobs\u2019 2007 announcement of the iPhone<\/a>, which he described as \u201cthe most disruptive technology of the 21st century.\u201d He compared the companies that embraced the adoption of and adaptation to mobile innovation, like Amazon and Google, with those that ignored the shift, such as Blockbuster, Blackberry, and Nokia. Through this comparison, he explained how early action can shape long-term relevance and success for companies in a world with rapidly evolving technologies, \u201cYou can adopt, adapt, or avoid. Choose wisely.\u201d<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    Artificial Intelligence: Promise and Risk<\/strong><\/h4>\n\n\n\n

    General Nakasone explained how today\u2019s biggest disruptive technology, Artificial Intelligence, presents both huge opportunities and serious concerns. He then reflected on the launch of ChatGPT, noting its quick growth: over 1 million users in just five days, and 100 million within two months\u2014a pace that significantly exceeded the internet’s initial expansion, which took seven years to reach 50 million users. He called the capabilities of current AI models as \u201ctruly outstanding,\u201d citing their quick developments in areas like coding, reasoning, deep research, and even image generation. While he found the new technology to be exciting, he highlighted the need for responsible advancement and called for national investment in talent, energy, compute, chips, and data that would ensure the safe development and application of AI. With regard to cybersecurity, he mentioned several concerns, including the emergence of deepfakes. Fortunately, defense against malicious deepfakes outperformed offense in the 2024 U.S. presidential election.  Additionally, he expressed worries about the possibility of backdoors in open-source AI models, a recent example would be DeepSeek, and the danger of data poisoning during AI model training, vulnerabilities that may be used to infiltrate critical systems. Despite these risks, he maintained his optimism that AI would advance industries like national defense, education, and medicine, stating that the technology has him “riveted on the future.”<\/p>\n\n\n\n

    The Geopolitical Landscape: Three Arcs of Global Security<\/strong><\/h4>\n\n\n\n

    Shifting to a broader strategic view, General Nakasone defined today\u2019s global security environment through what he described as three arcs of geopolitics. In the first arc, he explained the rise of China, showing how it went from a $114 billion economy in 1972 to a $17 trillion global power with expanding diplomatic, informational, and military influence today. The second arc focused on active conflicts, such as the Russia-Ukraine War, and ongoing instability in the Middle East. He explained how digital capabilities, like laptops connected through satellite internet, have made it possible for unprecedented disruption, pointing out that Ukraine has disabled more than half of Russia’s Black Sea Fleet despite having no navy. \u201cThis is the future of conflict,\u201d he said, where non-kinetic cyber operations increasingly shape kinetic outcomes. The third arc addressed the threats that cross borders, such as pandemics, climate change, and cybersecurity itself, reminding us all that geographic boundaries no longer protect countries from cyberattacks. When combined, these three arcs show how intricately cyberspace has woven itself into both national security and international relations.<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    A Closer Look at Today\u2019s Cybersecurity Threats<\/strong><\/h4>\n\n\n\n

    General Nakasone also talked about the current cybersecurity threats. Last year, there were over 5,000 recorded ransomware attacks in the United States, which is a 15% increase from the prior year. He shared that when companies like Microsoft release updates, the attackers are able to exploit vulnerabilities within just five days, putting intense pressure on organizations to patch systems quickly. What\u2019s even more concerning is that it takes an average of 194 days to detect an intrusion and 58 days to remove it. These three elements present a very challenging picture as we think about cybersecurity today and into the future.<\/p>\n\n\n\n

    The Four Basics That Defeat 96% of Threats<\/strong><\/h4>\n\n\n\n

    To tackle these challenges, General Nakasone stressed the importance of renewed commitment to \u201cdefense in depth,\u201d urging cybersecurity experts to actively look for threats, conduct penetration tests, and prioritize patching. He also shared the four simple practices that can provide protection against 96% of known adversaries. Those four practices are:<\/p>\n\n\n\n

      \n
    1. Keeping the systems updated.<\/li>\n\n\n\n
    2. Using strong passwords<\/li>\n\n\n\n
    3. Recognizing phishing attempts<\/li>\n\n\n\n
    4. Enabling multi-factor authentication (MFA)<\/li>\n<\/ol>\n\n\n\n

      What Makes a Great Cybersecurity Leader?<\/strong><\/h4>\n\n\n\n

      General Nakasone concluded his presentation by outlining the three traits a cybersecurity professional must have: <\/p>\n\n\n\n

        \n
      1. Critical thinking<\/li>\n\n\n\n
      2. Communication skills<\/li>\n\n\n\n
      3. Character<\/li>\n<\/ol>\n\n\n\n

        He shared about this experience about how no one asked him what he majored in after college. Instead, they wanted to see if he could break down a complex problem, communicate clearly, and hold strong values. \u201cCharacter,\u201d he said, \u201cis what you are in the dark. It\u2019s what you stand for when no one\u2019s watching.\u201d<\/p>\n\n\n\n

        Q&A Session<\/strong><\/h4>\n\n\n\n

        After the keynote, students from clinics across the world got the chance to ask questions directly to General Nakasone. The Q&A session turned out to be one of the most captivating parts of the event, with questions ranging from privacy and national security to AI regulation, policy and career advice.<\/p>\n\n\n\n

        Key Takeaways from the Q&A Session:<\/p>\n\n\n\n

          \n
        1. Collaboration is key: Effective cybersecurity requires coordination between the government, the private sector, and academia. Each brings together strengths to solve complex challenges.<\/li>\n\n\n\n
        2. Technical leaders are in demand: \u201cWe need leaders who code, and coders who can lead.\u201d<\/li>\n\n\n\n
        3. Strategic government investment in education, talent, and infrastructure can drive innovation, just as it did with the interstate highway system and GPS.<\/li>\n<\/ol>\n\n\n\n

          Breakout Sessions: Peer Connections and Takeaways<\/strong><\/h4>\n\n\n\n

          After the conclusion of the keynote and Q&A, the students were moved to breakout rooms, where they discussed engaging prompts. These sessions allowed everyone to make personal connections, share stories, and think about their clinic work from a new perspective.<\/p>\n\n\n\n

          Final Reflections<\/strong><\/h4>\n\n\n\n

          The Spring 2025 “Clinic of Clinics” was an insightful event where students connected with each other and learned how cybersecurity relies on people driven by shared values, teamwork, and a desire to learn. General Nakasone\u2019s keynote shed light on today\u2019s most critical challenges and sparked inspiration about the future we’re creating together. In his closing remarks, he quoted Steve Jobs, \u201cEveryone here has a sense that right now is one of the moments that we are influencing the future.\u201d <\/em><\/p>\n\n\n\n

          Listening to his keynote certainly made us all feel we were in one.<\/p>\n","protected":false},"excerpt":{"rendered":"

          On April 24, 2025, the Consortium of Cybersecurity Clinics held the Spring 2025 \u201cClinic of Clinics\u201d event, bringing together over 140 students from more than 40 Cybersecurity Clinics across the world. This is a biannual event held each semester and gives students who are working in their school\u2019s  cybersecurity clinic a chance to connect with […]<\/p>\n","protected":false},"author":4,"featured_media":13222,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[15],"tags":[],"class_list":["post-13218","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog"],"acf":[],"_links":{"self":[{"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/posts\/13218","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/comments?post=13218"}],"version-history":[{"count":8,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/posts\/13218\/revisions"}],"predecessor-version":[{"id":13229,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/posts\/13218\/revisions\/13229"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/media\/13222"}],"wp:attachment":[{"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/media?parent=13218"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/categories?post=13218"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityclinics.org\/wp-json\/wp\/v2\/tags?post=13218"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}