Skip to main content

Legal Clinic - Cybersecurity and AI Clinic

The Cybersecurity and AI Clinic is a multidisciplinary clinic that educates and trains students from both Scalia Law School and Howard University on cybersecurity and AI in a classroom and clinical setting. The Clinic offers students a unique opportunity to gain hands-on cybersecurity experience while also providing crucial support to vulnerable organizations in their local communities. Students not only gain essential, practical skills, they make a real-world impact and enter the field of skilled professionals ready to safeguard the American digital ecosystem.

The Clinic is a two semester (fall and spring), graded class, with three credits awarded each semester. In the fall semester, students learn about key cyber concepts and tools, including:

  • Policy, legal, and technical concepts related to cybersecurity, data governance, and data privacy.
  • Common and emerging cyber threats facing government agencies and businesses, including threat vectors and threat actors.
  • Cyber risk management frameworks, including identifying assets, impact, likelihood, as well as legal reasonings and organizational priorities behind selecting a framework.
  • Identifying and analyzing vulnerabilities within a client’s systems; detecting potential security threats; and learning what constitutes a reporting incident and how to build and analyze incident response and recovery plans.
  • The applications of AI in cybersecurity, including threat detection, predictive analytics, and automation of security processes.

Students also participate in 3-4 practical in-class exercises such as: (1) completing a risk assessment (creating an asset inventory, threat-vulnerability matrix, and risk register); (2) drafting data governance policies; and (3) conducting an incident response to a simulated data breach.

In the spring semester, students take the knowledge they’ve learned to work in groups to provide pro bono cyber services to real-world clients, including under-resourced and under-threat state and local governments, K-12 schools, utilities, public hospitals, and small businesses within the Washington metropolitan area. Students may delivery cyber policy and compliance guidance, cyber risk assessments, and incident response support. Minimal student travel to conduct on-site client interviews at least once during regular business hours in the second semester will be required.

The Clinic is open to all interested George Mason and Howard University students and no prior cyber experience is required. Applications are available through the National Security Institute. For more information about the program, including financial assistance to all student participants, please visit the Clinic page.

Academics