When the Port of Virginia's new FEMA-funded Cyber Security Operations Center is completed, an Old Dominion University team will have left an indelible mark on both its function and its future workforce.
A suite of experiential learning modules developed by Professor Sachin Shetty and his team will be used as the blueprint to deploy the center. The modules will also be used to train cybersecurity interns, and in turn, establish a workforce pipeline for port cybersecurity.
"Our recent work in the cybersecurity space has allowed us to leverage our relationship and involve very high-caliber academic expertise to meet an urgent need," said Rich Ceci, senior vice president of technology and projects at the Virginia International Terminals, LLC. "Together we are building what will become a reference model for the entire U.S. port industry."
In May, Shetty was awarded a Commonwealth Cyber Initiative grant geared toward scalable experiential learning projects across Virginia. Shetty serves as a professor in the Department of Computational Modeling and Simulation Engineering, and also holds dual appointments as executive director of the Center for Secure & Intelligent Critical Systems (SICS) at Old Dominion University's Virginia Modeling, Analysis and Simulation Center (VMASC).
Shetty, joined by co-principal investigators Saltuk Karahan and Sarada Prasad Gochhayat of ODU, and faculty from Longwood University, Virginia State University, the University of Virginia and Ceci, began the process of creating the modules which will be used to teach students the understanding of cyber risks and technology needed to develop an operational cybersecurity monitoring center.
The modules, primarily written for novice cybersecurity students, cover a basic framework of needs assessments such as identifying cybersecurity concerns and threats, the impact of high technology systems on operational environments and identification of hardware and software tools required to outfit the proposed center.
Gochhayat notes that port security is vital to the region and references recent supply chain cyberattacks like those on Solarwinds, Maersk and the Port of San Diego.
"By performing sophisticated and targeted attacks on port systems, such as advanced persistent threats, attackers gained in-depth knowledge of port systems and networks, port processes, and port infrastructure to launch ransomware attacks and interruption of the port operation," he said.
The experiential modules will be used not only in a theoretical model, but also to train cybersecurity students from ODU, Longwood and Virginia State who will intern at the new center.