IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Texas A&M Cyber Center Offers New Training Program

A new Cyber Training and Exercise Range at Texas A&M University, part of its Cyber Readiness Center, allows other government organizations to train their employees with cyber attack simulations and hands-on exercises.

DSC_1363-768x510.jpg
The Texas A&M Engineering Extension Service (TEEX) Cyber Readiness Center's Cyber Range makes use of 50 laptops connected to a central network.
(Texas A&M)
According to an October report from the nonprofit Identity Theft Resource Center, data breaches due to cyber attacks increased in the U.S. by 27 percent since last year, with phishing and ransomware being the most common. Another study from IBM noted that data breaches have cost companies an average of $4.24 million per incident in 2021 — the highest average in 17 years.

The costly rise of such cyber attacks against public schools, governments and other organizations has created a sense of urgency around cybersecurity training, according to Andrew Jarrett, a program manager for Texas A&M University's Cyber Readiness Center, a training and resource facility operated by the school's Engineering Extension Service (TEEX).

Jarrett said the need to provide cybersecurity training has become particularly important amid a rise in telework and digital learning in public schools.

“It’s a lot harder to defend that distributed infrastructure,” he said. “When it’s all sitting on one network, it’s a lot easier to monitor and put layers of security around it.”

With these challenges in mind, in October the center announced the creation of a new Cyber Training and Exercise Range that offers cybersecurity training and professional development to public-sector IT staff and other organizations tasked with network defense.

Comprised of 50 laptops connected to a central network, the range includes a hands-on virtual environment that simulates cyber attacks so trainees can practice responding to a variety of network threats, according to Jarrett. The range will be used in a course called Cybersecurity Incident Response for IT Personnel, in which students work in groups to defend a network against simulated attacks.

Jarrett said jurisdictions interested in using the range can do so for free through grant funds from the Federal Emergency Management Agency (FEMA), as long as those jurisdictions provide a facility to host exercises.

“This [range] grew out of the FEMA grant-funded program,” he noted. “In it, we immerse IT professionals in cybersecurity incident response … We bring the equipment and instructors to that area, and we conduct the training.”

Jarrett said this kind of free training is huge for smaller jurisdictions and K-12 schools with limited resources.

According to federal agencies, public schools were top targets for cyber criminals using ransomware to extort millions of dollars last year.

Similar to facilitating telework in the private sector, Jarrett said K-12 IT departments have placed focus on maintaining connectivity across networks for digital learning. However, unlike other industries, he said schools often lack the resources to employ professionals dedicated solely to cybersecurity.

“If we can upskill existing IT professionals to teach them how to do the basics of cyber incident response and mitigation, then we can help them prevent having more costly [cyber attacks] down the line ... In my opinion, it’s probably why [schools] are the most targeted, because they lack those resources in many cases," he said. “With COVID, remote learning, e-learning and everything else, the responsibility of [IT departments] has been squarely on keeping the students and teachers connected, and so it’s made cybersecurity more difficult. We see that outside of education as well. Our attack surface has gotten much larger.”

Bart Taylor, a technology course lecturer at Texas A&M and district coordinator at the student organization SkillsUSA, reiterated how challenges of the pandemic have partly underscored the need to train more cybersecurity professionals.

In his work as a secondary and post-secondary tech educator spanning two decades, he noticed little interest in cybersecurity until fairly recently. He said courses such as those offered by Texas A&M's Cyber Training and Exercise Range, as well as promoting digital security awareness among children, is important to cultivating a culture of cybersecurity.

“I remember teaching 20 years ago — when a kid was into computers, they were really into computers because it was harder to tinker with computers at the time,” he said. “Computers and access to them got so big, but the use of computers became so easy. We’re almost at a point where we’re hitting the reset button on how to learn about IT and cybersecurity, and that need.”
Brandon Paykamian is a staff writer for Government Technology. He has a bachelor's degree in journalism from East Tennessee State University and years of experience as a multimedia reporter, mainly focusing on public education and higher ed.