Imagine working as an accountant for a large nonprofit and discovering that over 500 W2 tax forms are suddenly missing from your computer's hard drive. Ed Rios, CEO of the National Cybersecurity Center in Colorado Springs, says his organization received a phone call describing just such a situation a couple of months ago.
While Rios does not identify the nonprofit, he says that the NCC was able to diagnose how its W2 records were taken – through an e-mail scam in which an employee was tricked into turning over the tax forms – as well as provide training for the organization on how to avoid such a disaster in the future.
That's just one example of how the NCC's Rapid Response Center is designed to work. And not only does it help mitigate damage whenever victims contact the NCC with reports of being targeted by hackers or digital criminals, it also provides proactive cybersecurity measures to protect individuals and organizations from being attacked in the first place.
As described in our feature "Red Alert," Colorado computers were a target of Russian hackers as far back as 1996.
But the NCC wasn't established until last year. It has its origins in an economic development trip that Governor John Hickenlooper took in 2015, when he visited Tel Aviv and learned about an Israeli cybersecurity center that brings together government officials, university researchers and private businesses to trade knowledge about preventing cyberattacks.
“The connection between research, the government and business there was intimate. And I came back saying, 'We don't have anything like that in the United States,'" Hickenlooper recalls. “I was also informed by a couple friends about just how much cybersecurity capacity we have [in Colorado], in part because of U.S. Northern Command down in Colorado Springs."
Not long after, Hickenlooper says he made a decision: “Let's put together a national center here in Colorado.”
The center became a reality in May 2016, when Hickenlooper signed a bill establishing the NCC as a 501(c)(3) nonprofit in Colorado Springs. Since then, the NCC has been developing its Rapid Response Center and forming relationships with universities, private cybersecurity companies in Colorado and federal agencies like the Department of Homeland Security, so that it can become a go-to resource for the most current information around emerging cyber threats.
Colorado Springs Mayor John Suthers stands between Governor John Hickenlooper and NCC head Ed Rios (front, center) at the 2016 Governor's Cyber Symposium.
National Cybersecurity Center
In September, the NCC will move into a sprawling, 135,000-square-foot facility located on the campus of the University of Colorado Colorado Springs, Rios says. The NCC's plans include forming a call center that will field emergency requests on its hotline (1-877-90-CYBER) and expanding the number of trainings that it conducts through its Cyber Institute and Cyber Research, Education, and Training Center.
The training programs are designed to educate different types of people and organizations – students, entrepreneurs, small businesses and larger corporations – as well as politicians at the local and state levels on how to protect themselves from an ever-expanding list of cyber threats. The NCC is also reaching out to cities and counties around Colorado and offering to provide officials and staffers with the latest and most effective tools to protect their information systems.
"And the challenge here is that it can't just be a one- or two-day training, because technology changes and the nefarious intent of criminals change,” Rios explains. That means that the training has to be consistent and ongoing.
Rios has seen the evolution of cyber threats firsthand, having worked in information technology for decades, including with the military. But he thinks the NCC is unique, an innovative step championed by a forward-looking governor. "I think the governor’s experience and decisions were quite visionary," Rios says.
If you like this story, consider signing up for our email newsletters.
SHOW ME HOW
You have successfully signed up for your selected newsletter(s) - please keep an eye on your mailbox, we're movin' in!
Once the NCC has opened its building at the University of Colorado Colorado Springs, Rios hopes to expand partnerships with other universities (upwards of 100 by 2019), as well as increase the number of organizations and individual members it supports through the Rapid Response Network.
Getting 24/7 cybersecurity support from the NCC will cost students $75 a year, and other types of organizations or political offices will pay membership fees based on their size and cybersecurity needs.
"We really want to foster an entrepreneurial community around the cybersecurity center as it grows," says Hickenlooper. "And it will be the interface between the business world — especially smaller businesses — and federal agencies [like Homeland Security] in which responsibility for cybersecurity rests."