The University of Oregon Cyber Risk Clinic provides cybersecurity risk management services to public sector organizations and underserved communities while giving students hands-on experience working with real-world clients.
What We Do
Public sector organizations and traditionally underserved groups—such as Native American communities, K-12 schools, and nursing homes—are essential for the well-being and progress of our society. However, many lack the resources to secure their digital operations from growing threats such as data breaches, system misconfiguration, phishing attacks, and other forms of cybercrime. The UO Cyber Risk Clinic empowers public and underserved organizations to defend against digital threats, and use technology to fulfill their missions—all while training the next generation of cybersecurity leaders.
Enable Organizations
- We help our clients understand their cyber risk and take meaningful steps to reduce it.
- We offer ongoing engagements with our clients to support them throughout the cybersecurity maturity journey.
- We directly consult with individuals in our client organizations to understand their risks and create action plans for managing them.
Train Future Cyber Leaders
- We teach UO students how to apply the latest cybersecurity technologies and practices.
- Students gain hands-on experience supporting clients in implementing information security programs.
- Our full-time staff engages students from varying backgrounds and disciplines, encouraging a diverse group to pursue careers in cybersecurity.
Program Services
Risk Assessments
We help clients understand and manage cyber risks, including identifying and mitigating potential risk factors. Sources may include industry, digital footprint, or business procedure.
CISA CPGs
Cyber Performance Goals (CPGs) set by the Cybersecurity and Infrastructure Security Agency (CISA) are the leading example for secure business practices and prevention against cyber attacks.
Security Program Support
A variety of frameworks are available for application to your organization, including CIS, NIST 800-171, HIPAA, and FERPA.