Cybersecurity Clinic

Thanks to generous funding from the Google Cybersecurity Clinics Fund, our Clinic is able to provide pro bono cybersecurity services to community organizations.

For decades, schools of law and medicine have operated “clinics,” where students work with real-world clients with limited resources and gain valuable hands-on experience. As a founding member of the Consortium of Cybersecurity Clinics, RIT introduced a “clinic” model for cybersecurity in 2018. Now, thanks to generous funding from Google to expand the clinic model, we are able to better provide cybersecurity services to our community while creating more opportunities for our students.

The intent of these projects is to give students from diverse backgrounds and academic expertise a "clinical" experience where they work on real-world problems and systems under the supervision of our faculty and help to strengthen the digital defenses of non-profits, hospitals, municipalities, small businesses, and other under-resourced organizations in our community. The Clinic model also helps develop a talent pipeline for cyber civil defense.

Please note: RIT's Cybersecurity Clinic does not provide services to individuals. This program is only for under-resourced community organizations such as those outlined above.. 

Learn more and apply for services

What is a Cybersecurity Clinic?

Learn more about the cybersecurity clinic model in this video from the Consortium of Cybersecurity Clinics.

Learn more about Google’s new investment to support the Cybersecurity Clinics Fund

What services will the RIT Cybersecurity Clinic provide to organizations?

Services vary based on the needs of each organization and a project scope achievable over the course of a semester, but some examples include:

  • penetration testing
  • web applications, infrastructure, networks, IoT, services security/privacy
  • vulnerability assessments based on established frameworks (e.g., NIST, CIS, CISA)
  • audit of existing practices/processes 
  • cybersecurity engineering, development and deployment tasks
  • cybersecurity consultation and awareness on ongoing technological transformation


“We have had several penetration tests performed for our district utilizing several professional organizations and we found that the quality of the faculty/student team exceeds that of all other penetration testing services we have experienced.”

- Daniel Bowman, Director of Technology, Canandaigua City School District

“The comprehensive nature of the penetration tests, the high-quality analysis conducted by the RIT team, and the actionable recommendations set forth in the report have laid the foundation for a potential long-term security testing relationship between RIT and ES&S.”

- Chris Wlaschin, senior vice president and Chief Information Security Officer, Election Systems & Software, the largest voting device manufacturer in the US.