When the Port of Virginia's new FEMA-funded Cyber Security Operations Center is completed, an Old Dominion University team will have left an indelible mark on both its function and its future workforce.

A suite of experiential learning modules developed by ODU professor Sachin Shetty and his team will be used as the blueprint to deploy the center. The modules will also be used to train cybersecurity interns, and in turn, establish a workforce pipeline for port cybersecurity.

"Our recent work in the cybersecurity space has allowed us to leverage our relationship and involve very high caliber academic expertise to meet an urgent need," said Rich Ceci, senior vice president of Technology and Projects at the Virginia International Terminals, LLC. "Together we are building what will become a reference model for the entire US port industry."

In May, Shetty, professor in the Department of Computational Modeling and Simulation Engineering, and who also holds dual appointments as executive director of the Center for Secure & Intelligent Critical Systems (SICS) at Old Dominion University's Virginia Modeling, Analysis and Simulation Center (VMASC), was awarded a Commonwealth Cyber Initiative grant geared toward scalable experiential learning projects across Virginia.

Shetty, joined by co-PI's Saltuk Karhan and Sarada Prasad Gochhayat of Old Dominion University, and faculty from Longwood University, Virginia State University, the University of Virginia and Rich Ceci, began the process of creating the experiential learning modules which will be used to teach students the understanding of cyber risks and technology needed to develop an operational cyber security monitoring center.

The modules, primarily written for novice cybersecurity students, cover a basic framework of needs assessments such as identifying cybersecurity concerns, threat assessment, the impact of high technology systems on operational environments and identification of hardware and software tools required to outfit the proposed center.

Gochhayat notes that port security is vital to the region and nation's supply chain. He references recent supply-chain cyberattacks like those on Solarwinds, Maersk and Port of San Diego.

"By performing sophisticated and targeted attacks on port systems, such as advanced persistent threats, attackers gained in-depth knowledge of port systems and networks, port processes, and port infrastructure to launch ransomware attacks and interruption of the port operation."

The experiential modules will be used not only in a theoretical model, but also to train cybersecurity students from ODU, Longwood University and Virginia State University who will be placed in internships at the new center.