Idaho’s Higher Ed Leaders Participate in CISA-Led Cybersecurity Exercise

Higher education leaders from across Idaho gathered for the first time to learn how to manage a ransomware attack and what steps to take to measurably reduce their cyber risk and protect students and faculty using a real-world scenario.

But this exercise had a twist.

Typically, college and university information technology (IT) staff would manage the response to the ransomware simulated attack for these exercises. For this one, IT staff were asked to sit on the sideline and observe as they watched their presidents and senior leaders try and manage the cyber-intrusion. 

Idaho Cybersecurity State Coordinator for CISA, Josh Stemp, said the exercise was intended to stress the response system by removing key players who typically could help solve the problems and recover from a cyberattack.

“We found that the senior leadership wasn’t prepared to solve it,” Stemp said. “It displayed the value of having IT at the decision-making table all the time.”

In the scenario, the ransomware attack was both cyber and physical, with critical systems like doors locking and temperatures of buildings spiking and dropping in addition to student data being compromised.

Stemp noted some eventually “closed” their college campuses in the scenario, while others chose to push on, trying to overcome the challenges presented in the exercise. The ransomware taking over buildings and locking doors showed the higher education leaders how damaging these attacks can be and how important communication is with other departments and even other institutions.

“One of the unexpected outcomes was the realization of the importance of communicating with other schools,” Stemp said. “This really opened the door for these institutions to work together when situations like this occur.”

The event was held in coordination with the Idaho State Board of Education, the Western Interstate Commission for Higher Education (WICHE), and all eight of Idaho’s public two-year and four-year higher education institutions. 

“This exercise was a valuable opportunity for non-technical senior leaders in higher education to come together and practice organizational responses, as well as share best practices and work on improving coordination among our different organizations, said Rick Aman, president of College of Eastern Idaho. “Ultimately, our shared goal is to protect the privacy of Idaho residents by safeguarding our data, systems, and infrastructure through partnerships and trainings like these.” 

This training served as a relaunch of leadership training that had been previously put on pause by the pandemic.

“The exercise was a great success,” said Cheryl Dowd, senior director of the State Authorization Network at WICHE “It provided Idaho’s higher education community with valuable information to keep our students and faculty data safe.”

Stemp and others believe the training highlighted areas where improvements can be made to help thwart a real-world cyberattack and it also had led to ongoing discussions among the participants for future collaborations.

“This training served as an initial step toward a stronger and more secure cyber future for Idaho’s colleges and universities,” said Stemp. “This sets the tone for our state’s schools with simple, prioritized actions to reduce cyberattack risk.”