Healthcare organizations, businesses, and local governments are all common targets of online crime. Our programs bring business leaders from across industries together to collaborate with our students and faculty on timely solutions to cyber and national security concerns.
For six years Boston College and the Federal Bureau of Investigation have hosted theBoston Conference on Cyber Security, a one-day event featuring compelling lectures and panel discussions from international leaders in the disciplines of emerging technologies, operations and enforcement, and real-life cyber and national security concerns.
At a time of growing concern about the vulnerability of our nation’s information systems, this conference provides an opportunity for leaders in cybersecurity from the academic, analytic, operations, research, corporate, and law enforcement arenas to come together and coordinate their efforts, creating a more secure cyber-space.
Each Fall and Spring Semester, the Cybersecurity Program visits the IBM X-Force Cyber Range in Cambridge, Massachusetts. Table-top exercises simulate realistic cyber breaches to help students learn how to respond and recover from enterprise level incidents, manage vulnerabilities, and create proactive solutions to build a stronger security culture.
October 11, 2023
Artificial Intelligence (AI) is transforming various business sectors, particularly in cybersecurity, governance, risk management, and compliance. Cybercriminals are increasingly using AI to execute sophisticated attacks, including deepfakes, ransomware, business email compromise, and supply chain fraud, with Forbes warning of a "new era of menacing threats." IBM Security reports the average cost of a U.S. data breach at $9.48 million, highlighting the high stakes for organizations defending their data privacy in regulatory actions, lawsuits, and shareholder disputes.
In a recent webinar, we discussed AI security and privacy regulations, compliance strategies, and how a risk-based approach to cybersecurity can help companies safeguard operations, respond to breaches, and recover effectively.
Featuring
October 2023
ٳܰԲ:
March 3, 2023
Contributors dissect the recent conviction of the Uber Chief Information Security Officer.
ٳܰԲ:
March 29, 2022
By 2025, it is estimated that there will be 3.5 million cybersecurity job openings, and the global cybersecurity workforce will need to grow by 145% annually to meet the rising demand for skilled talent. Meanwhile, headlines frequently report cyber-attacks involving the theft of sensitive data, intellectual property, financial information, and the disruption of business and government functions. To address the cybersecurity skills gap, many organizations are turning to managed services, though the best solution varies based on specific risks and needs.
In this webinar, we explored and differentiated the range of managed services available—such as MSSP, MDP, SIEM, vCISO, incident response, and cloud security—and provided practical guidance for designing a robust cybersecurity and data privacy program to protect business operations and customer data.
Featuring:
January 25, 2022
We have seen a significant increase in cybercrime and headlines filled with attacks that have stolen digital information or caused the disruption of government, business, and supply-chain functions. It has been devastating in many regards, but we have also seen a new, unprecedented age of innovation. Venture capital funding has poured into cybersecurity companies at a record pace, helping drive the next generation of cybersecurity technologies to combat today’s threats and narrow the talent shortage gap.In our webinar, our guest expert, who invests in and advises late-stage and growth companies, will discuss the role of the VC (from “soup to nuts”) in cybersecurity and data privacy as well as various trends for 2022 and beyond.
ٳܰԲ:
November 16, 2021
Social engineering plays a role in the vast majority of cybercrimes, with an estimated 98% of cyberattacks launched through tactics like phishing, spear phishing, whaling, and pretexting. Headlines regularly report cyber-attacks that result in the theft of sensitive personal, healthcare, and business data or the disruption of government and corporate functions. IBM Security reports that the average cost of a U.S. data breach is $8.64 million, more than double the global average, with organizations facing even higher stakes as they defend their data protection policies in regulatory actions and lawsuits.
In this webinar, we examined social engineering attacks, focusing on threat actors, vectors, and methodologies, and provided practical insights into how these attacks unfold. Our experts offered key research, preparedness strategies, and best practices for protecting business operations and sensitive data from social engineering threats.
Featuring:
October 19, 2021
Headlines regularly report cyber-attacks that result in the theft of sensitive personal, healthcare, intellectual property, and business data, or the disruption of government and corporate functions. According to IBM Security, the average cost of a data breach in the U.S. is $8.64 million—more than double the global average. For many organizations, the stakes are even higher, as they face the challenge of defending their data privacy practices in regulatory enforcement actions and lawsuits.
In this webinar, we discussed the latest security and privacy regulations, along with compliance and mitigation strategies that help U.S. companies navigate complex legal requirements. We explored how a risk-based approach to cybersecurity helps organizations respond to, mitigate, and recover from data breaches while safeguarding their bottom line.
Featuring:
Each day brings news of another ransomware attack resulting in the theft of sensitive data—such as personal information, intellectual property, trade secrets, and financial records—or the disruption of business and government operations. Nation-states, terrorists, hacktivists, and cybercriminals are relentless, and companies are warned that it’s not a matter of "if" but "when" they’ll be attacked, facing demands for millions in ransom to "maybe" restore their systems and recover stolen data. Adding to the pressure, federal and state regulators are imposing new cybersecurity requirements with hefty fines, yet offering little guidance on compliance.
In this webinar, we explored how organizations can develop an effective cyber-risk management strategy, drawing from industry best practices and lessons learned, to assess their readiness and successfully respond to, mitigate, and recover from ransomware attacks—ultimately protecting their business operations and safeguarding sensitive data.
ٳܰԲ:
Headlines frequently report ransomware attacks resulting in the theft of sensitive data—such as personal information, intellectual property, trade secrets, and financial records—or the disruption of business and government functions. With threats from nation-states, terrorists, hacktivists, and cybercriminals, companies are warned it’s not a matter of "if" but "when" they will face ransomware demands for millions, with no guarantee of system recovery or data return. Meanwhile, new federal and state regulations impose strict cybersecurity requirements and heavy penalties, yet provide little guidance.
In this webinar, we discussed how organizations can develop an effective cyber-risk management strategy, using industry best practices and lessons learned, to assess their readiness and successfully respond to, mitigate, and recover from ransomware attacks—protecting their operations and sensitive data.
Featuring:
Organizations are faced with unrelenting threats from Nation-states, terrorists, hacktivists, and cyber-criminals seeking to steal their digital information (e.g., sensitive PII, intellectual property, trade secrets, financial information, classified and confidential materials) or disrupt government and business functions.
What to do? In our webinar, we will discuss the current cyber-threats to organizations and our critical infrastructure, the role of the U.S. Attorney’s Office, pertinent cyber and national security laws (e.g., CFAA, CFIUS, FCPA, OFAC advisories, etc.), and how organizations can protect their sensitive data and networks from cyber-attacks, as well as successfully navigate the complex legal and regulatory landscape to avoid civil and criminal liability.
Featuring:
March 25, 2021
Nation-states, terrorists, hacktivists, and cybercriminals are increasingly targeting healthcare organizations to steal sensitive patient data, intellectual property, and research, or to disrupt operations. The COVID-19 pandemic has amplified these threats, creating additional challenges due to changes in HIPAA and other healthcare compliance requirements.
In this webinar, we will discuss recent updates and proposed changes to HIPAA and other laws affecting healthcare security and privacy. We offered practical guidance for healthcare organizations to efficiently and cost-effectively comply with these regulations, and shared best practices to protect data and systems, as well as to effectively respond to, mitigate, and recover from cyber-attacks.
Featuring;
February 3, 2021
Businesses today face cyber threats from nation-states, terrorists, hacktivists, and cybercriminals, along with a growing number of complex cybersecurity requirements from federal and state regulators to protect their digital information. With each new technology and trend—whether it's cloud computing, IoT, AI, remote work, or telehealth—comes the challenge of securing data and networks.
In this webinar, we returned to the fundamentals, focusing on risk management, cyber hygiene, mitigation, and resilience. We discussed how to effectively make the business case for investing in cybersecurity, including technologies, processes, and people, from the board and senior executives to business units and support staff, and how to develop robust data security and privacy programs to protect against cyber threats.
Featuring:
View the slides of this presentation in PDF.
*If you need to download the free Adobe Acrobat Reader software, you can find it
December 2, 2020
Cities are becoming “smart” through digital transformation efforts in order to increase economic growth, enhance citizen and government engagement, improve the quality of life for citizens (e.g., transportation, public utilities, safety, equality, employment), and reduce negative environmental impact, among many other benefits.
In this webinar, we discussed how cities and communities can, by using IoT-enabled frameworks and other best practices, developing programs to effectivelyaddress the cybersecurity issues faced by cities and communities looking to become “smart.”
Featuring:
View the slides of this presentation in PDF.
*If you need to download the free Adobe Acrobat Reader software, you can find it
In ourwebinar, we discussed how to develop an effective incident response plan, based on “lessons learned” and industry best practices, and how to successfully respond to, mitigate, and recover from a data breach.
October 20, 2020
In this webinar, we discussed how to develop an effective incident response plan, based on “lessons learned” and industry best practices, and how to successfully respond to, mitigate, and recover from a data breach.
ٳܰԲ:
August 24, 2020
In this webinar, we discussed how cyber-criminals took advantage of consumers based on vulnerabilities posed by COVID-19.
Featuring:
With over 140,000 members worldwide, ISACA engages in the development, adoption and use of globally accepted, industry-leading knowledge and practices for information systems. ֱ’s local chapter of ISACA New England focuses on connecting students with opportunities in various fields. Members have access to varying trainings and certifications offered by ISACA at discounted rates.
A professional group for Boston College students, faculty, alumni and friends and supporters of our Cybersecurity and National Security Programs at ֱ and ֱ Law who are interested in networking (e.g., posting of jobs and internships, industry and government events, etc.) with each other and collaborating on the varying cybersecurity issues faced by industry and governments.
Fulbright TechImpact Scholar Awards areresearchgrants for Irish citizens, or E.U. citizens resident in the ROI for 3+ years, to complete short-term, non-commercial projects and research in the U.S.These Awards are open to professionals (no Ph.D. required) and early career researchers with a Ph.D. conferred since 2015.They are designed to respond to the potential and pace of Information and Communications Technologies (ICT).