North Carolina Community College System hosts cybersecurity simulation training for colleges

North Carolina Community College System hosts cybersecurity simulation training for colleges

Wednesday, March 22, 2023 - 9:43am

The North Carolina Community College System led a series of ransomware cybersecurity trainings for community colleges across the state this month.

The purpose of the exercise was to build awareness of events and activities occurring during a significant cyber event, and to promote learning and information sharing campus wide.

“The goal of this training was to improve college response to a potential ransomware attack,” said Stephen Reeves, Chief Information Security Officer at the North Carolina Community College System. “The exercise involved a simulated attack scenario and provided an opportunity for participating college teams to work together to identify and resolve the incident.”

Nearly 400 individuals from community colleges across the state attended the exercises, which were hosted at colleges in the eastern, central, and western regions of the state.

The training focused on areas of communication, business continuity, roles and responsibilities, and response plans.

Participants also heard directly from colleges that experienced ransomware to understand what worked well and what would have changed.

The first exercise was March 7 at Craven Community College.

“It’s important for community colleges to participate in this kind of training because it’s a matter of when, not if. It’s not ‘we don’t have anything the bad guys want.’ Instead, it’s ‘we exist, therefore we’re a target,’” said Shawn Toderick, Associate Dean of Technology at Craven Community College. “If an attack is successful, IT staff may not be able to restore service or access in a fast manner, and staff/faculty need to be prepared to continue normal operations as best they can.”

Colleges were encouraged to send individuals from various campus areas.

“It’s also important to learn from the experience of other colleges from non-IT staff to help understand that IT staff are not alone in the responsibility of protecting the College from digital threats or responding to an attack,” Toderick said.

Additional exercises will be offered at a later date.

classroom full of people at tables