Ransomware attacks have been making headlines recently for completely halting key operations at essential infrastructure including pipelines and hospitals. In Canada, Saint John, New Brunswick is a hub for power generation, pulp and paper mills, oil refineries and other critical infrastructure. That puts the province on the frontlines of cybersecurity vulnerability—and also on the precarious edge of risk and mitigation scenarios. Recognizing this, New Brunswick Community College (NBCC) dreamed up a solution to build cybersecurity protection into the province’s education curriculum.
The result is NBCC’s new Critical Infrastructure Security Operations Centre, or CI-SOC for short.
CIRA funded NBCC’s project through our Community Investment Program Grants initiative last year. The project leverages NBCC’s robust cybersecurity curriculum and extends its reach by providing local high school students with hands on learning opportunities. Since October is Cybersecurity Awareness Month, we thought now would be a good time to sit down with Ben McHarg, NBCC Cybersecurity Instructor and Scott Henwood, NBCC’s Head of Applied Research and Innovation to get the full story on the CI-SOC.
“Before the CI-SOC, high school students had no real hands-on way to understand cybersecurity,” stated McHarg, when we asked where the idea for the project originated. “They were learning on isolated computers, not in a security operations centre, with no ability to see and influence how control units behave in the real world.”
So NBCC reached out to CyberNB, a New Brunswick-based convenor of national cybersecurity stakeholders and provincial education departments, to envision a large-scale, fully simulated threat monitoring environment that would give both secondary and post-secondary students a new way to learn about detecting and remedying cyberattacks. And that vision has become reality. CI-SOC is now a real, physical place: a self-contained room on the College’s campus. Within it, NBCC recreates the real-world cybersecurity attacks and network traffic that critical infrastructure operators face day-to-day.
When you walk into the room you will see it’s set up like a security operations centre, with multiple desks oriented toward a wall of screens and equipment. NBCC has simulated the operations of a real-world business environment, with mock business IT systems, industrial control systems, a variety of security systems and a living, breathing cybersecurity educator observing and analyzing potential scenarios. Each piece of equipment found in the CI-SOC serves a purpose. An inconspicuous rack of machines in the corner is actually an important part of the production facilities in both oil refineries and heavy industries. The set of big screens mounted on the wall show real-time global threat vectors, continuous monitoring logs and real-time analysis of malicious activity.
The CI-SOC was originally created for the College’s students to receive real-world training on cybersecurity scenarios before entering the workforce. That idea quickly evolved when NBCC realized the centre could also address a gap in the Canadian curriculum surrounding cybersecurity for K-12 students. While technology is increasingly being incorporated into classroom teaching, students aren’t taught how Canada’s industries operate, what cyber threats they face, or how to remedy these attacks when they do strike.
McHarg shared his experience of talking about cybersecurity with school kids, “Kids are exposed to professions like doctor and nurse all the time, so they know what those are. But when you ask them what a cybersecurity professional does they draw a blank. Understanding there are systems that get clean drinking water to their tap, or turn their lights on and off that can potentially be attacked makes it less abstract. We’ve developed a hands-on, exercise-based approach where they can initiate an attack and watch what happens by monitoring screens and watching for the alerts that come up because of the command they issued. They can push buttons and break things, and then fix them. At CI-SOC they can connect the physical world and the virtual world of cybersecurity all in one room.”
McHarg noted that before the CI-SOC, no other resource existed to help public high school students visualize or understand just how this all worked in a controlled setting. “We’re showing students what’s involved in protecting our critical infrastructure, and helping them see it’s a real career opportunity. Even students who took on extra work volunteering to help us build the centre when it started found that they were able to land some pretty demanding cybersecurity roles right out of school. Through their participation, they gained exposure to the field and it made them that much more employable. So the CI-SOC really has the potential to make an important contribution to the development of Canada’s cybersecurity workforce.”
CIRA’s grant to NBCC is just the beginning. Henwood refers to it as instrumental. “We wouldn’t have been able to build it without CIRA. The bulk of the CIRA funding went to the physical setup—equipment, monitoring software and tools, each of the industrial control units we have on site.” In addition, Henwood notes that CIRA’s startup funds have enabled NBCC to attract even more support, notably from the New Brunswick Innovation Foundation. “We’ve secured support for a dedicated research professional in cybersecurity to work with Ben and the other faculty and students on industry and community projects, and the lab CIRA funded was key to the success of the proposal.”
What do McHarg and Henwood see on the horizon? They're already thinking about expansion, of course. “The biggest value for the investment will be to get a few more industrial simulations in place in the centre, Mcharg said. “We want to grow the physical equipment in the room—five or six installations would be optimal. We also have our eyes on 5G tech and industrial IoT, that’s a real emerging area. As soon as we start building these additional test beds, we’ll use and leverage the CI-SOC to monitor this as part of the industrial environment.”
CIRA agrees that more investment in cybersecurity training keeps us all safe. Our 2021 Cybersecurity Survey found that over one-third (36 per cent) of cybersecurity professionals believe the number of cyber attacks has increased during the pandemic. We also know that ransomware attacks are on the rise, where files are held hostage until a ransom is paid for their release, and that many organizations lack the knowledge and skills to deal with them confidently.
Although October's Cybersecurity Awareness Month is drawing to a close, cybersecurity will need to remain a year-round priority. CIRA is proud to support NBCC’s project and we are eager to see how the CI-SOC will educate young Canadians and engage community partners to help protect the critical infrastructure we rely on every day.