In an effort to foster development around rapidly evolving cybersecurity technology, the state of Georgia announced early this year that it is investing millions into the launch of a Georgia Cyber and Innovation Training Center. The 150,000-square-foot facility will serve as an incubator for startup cybersecurity companies as well as focus on research and development of new tech that aims to spur modernization in the field.
The state-owned cyber range aims to bring together government, universities and the private sector to develop and practice protocols that will mitigate attacks and ease responses to cyberthreats.
“Cybersecurity is especially important now that cybercrime is bigger than the global black market for marijuana, cocaine, and heroin combined,” said Georgia Gov. Nathan Deal in a statement announcing the new center. “The protection of Georgia’s citizens, businesses and institutions in the digital realm is becoming significantly more necessary as cybercrime continues to grow.”
Georgia state CIO Calvin Rhodes not only stands behind the governor in building the new cyber-focused facility, but as executive director of the Georgia Technology Authority he will oversee construction and operation of the training center. The center will break ground this spring and open its doors in 2018, likely opening a flood gate of innovation in the security realm and giving Georgia’s technology economy a boost.
RHODES: States house tremendous amounts of data, which makes us a target. And we are only going to see increases in cyber threats on citizen data. We have to be able to defend against that.
Our local government partners struggle with the same cybersecurity issues we do on a daily basis, but many of them simply do not have the resources to try to tackle the problem. As I look at the governor’s goal, at least at a high level, the best way to solve this problem as a nation, organizations or states, is to attract and retain the skill sets we need to be effective in this space.
The workforce component is significant in this, which is why this is not just a technology problem; it’s much broader. There are several components we will need to address if we’re going to be successful in tackling the issues we’re seeing with cyber threats: education and training, research and development, and incubators that can support the small to midsized businesses. This center will provide tools and resources for companies to leverage in looking to address cybersecurity issues.
IT in general changes quickly, but the cyber piece changes literally every day. That’s why trying to find more effective ways to collaborate and combat new cyber threats is important. Centers like this are going to be a necessity — governments making investments at a significant level where it would not make sense in the private sector, and then sharing the resources we have built for the common good.
RHODES: There are many federal partners willing to help us be successful because they know that it will help them as well. The state is extremely fortunate that the U.S. Army has chosen to base the Army Cyber Command at Fort Gordon in Augusta, Ga. They need a large cybersecurity workforce and will use the Cyber Innovation and Training Center as a training component. The National Security Agency also has a presence at Fort Gordon, with a similar mission. The Savannah River Site, a nuclear reservation, is nearby as well. There is certainly a cyber component in ensuring it remains safe and secure.
In the academic space, Augusta University’s Cyber Institute will help to meet the needs of the large employers seeking cyber professionals. Other institutions in the University System of Georgia, as well as the Technical College System of Georgia, will also work to build cyber skills among students and the workforce.
Already there is a desire in the private sector to work together to improve cybersecurity. The private sector is seeing a great value in many of the tools we are bringing to the table.
Each of these groups brings different skills and resources. Collectively, that’s the power of what we’re trying to accomplish here.
RHODES: Collaboration and learning from what others are doing and then passing on lessons learned are the most important elements in cybersecurity right now. In this way, having all these different organizations in close proximity is a big advantage.
At the center, we are looking to have all these different groups communicating and sharing what they are working on as far as they can so that we can collectively solve problems.
RHODES: As the funding was approved in February, we are still in the very early stages of planning the exact technologies that would be involved in the center. Thus far, we have had general discussions around the need to leverage several different technologies to ensure that our cyber range can meet the varied network specifications of those who will be using it. One of the concerns is that many of these ranges have been set up to reflect just a general environment, but we are looking to have the capability to replicate an environment as much as possible.
As far as vendors, we will have more than one provider at the table to ensure we can buy services to keep technologies current. With the rapidly changing nature of this field, the refresh of this technology will be a fairly short cycle.
RHODES: We are looking to train and educate with the aim to then allow the student to get into a safe environment and really put what they’ve learned into action. In assessing their skills, we will look to figure out where the education gaps might still be and then incorporate further learning into the next group.
We’re looking to provide constant learning opportunities for both government employees as well as those leading the cyber trainings. One day, a teacher could be in front of a class teaching and the next day, back in the classroom learning something new. With cybersecurity so rapidly evolving, it’s necessary to cultivate an environment of constant and continuous learning.
RHODES: Startups or companies developing products in the cyber space around a particular threat will be able to test and demonstrate their product’s capabilities in an environment they may not otherwise be able to afford. It gives the company a safe space for both product development and demonstration.
It’s critical for companies to understand whether a technology can really do what it promises before they invest lots of money or time into a product.
RHODES: Any organization, today, is looking to determine where they stand on cybersecurity, identify where their gaps are and try to find a strategy for moving security forward. The state of Georgia has more than 85 state agencies that we are trying to provide security leadership to, and this initiative allows us a way to provide them with skills and tools they can leverage to more effectively do their jobs.
As a large state with a federated model for delivering services, many of our agencies have a cybersecurity component, but these cyber units have varied skill levels. To get everyone on the same page, the center will house our Georgia Cyber Academy, through which the state will provide continuous training. After the training, we will test the skills they have developed in the cyber range, determining gaps in skill levels and providing for more training accordingly, to ensure we have an educated and ever-learning workforce.
Our job, essentially, is to find cost effective ways to better secure citizens’ data and protect their privacy. All of us across state government have that responsibility, and the Georgia Cyber Innovation and Training Center is one additional piece of the puzzle that is going to allow us to do that effectively.