RALEIGH, N.C. - Leaders of the North Carolina National Guard invited hazard mitigation, cyber and information technology experts for Operation Tobacco Road, an exercise held July 21-25 at the North Carolina National Guard Joint Force Headquarters and North Carolina Emergency Management in Raleigh, North Carolina.
The technical cybersecurity exercise invited more than 140 local, state and national government and corporate partner experts to identify and respond to cyber threat actors in a real-time environment that reflected real-world cybersecurity threats.
“It is pretty important for us,” said U.S. Army Maj. Gen. Allen Boyette, the North Carolina National Guard deputy adjutant general.
The teams' goal was to share common cyber defense tools and gain valuable experience in network security and intrusion analysis.
“They need to know why it [cyber training] matters [and] take the lessons learned back,” said Erik A. Hooks, a former North Carolina Department of Public Safety secretary, FEMA deputy administrator and career public safety professional and consultant.
The members were assigned to five different defensive cyber operator teams, which defended a fictional North Carolina local government against a North Carolina National Guard opposing force attempting to exploit any weaknesses in various scenarios.
Other professionals of the assessment team monitored the progress of the cyber operators and provided their expertise to help train them.
“North Carolina has one of the most mature models and emulates Cyber Shield ,” said Eric Zach, chief information security officer at North Carolina Agricultural and Technical State University.
The online interaction, simulated cyber intrusions and in-person tabletop exercises during Operation Tobacco Road tested skills and training. Members identified network vulnerabilities, including hacking, ransomware and unauthorized network access.
“What can we [learn to] do better,” said U.S. Army Lt. Col Seth Barun, North Carolina National Guard chief of Cyber Operations.
Visitors from public and private cybersecurity institutions toured the exercise July 24.
“It [the exercise] will strengthen North Carolina cybersecurity,” Secretary and State Chief Information Officer of the North Carolina Department of Information Technology Teena Piccione said.
Leaders guided their guests to the North Carolina Department of Emergency Management offices at Joint Force Headquarters that were used for the exercise.
“It is a challenging environment,” North Carolina Department of Information Technology Chief Information Security Officer Bernice Russell-Bond said.
Brian Wilson, senior director of information security and chief information security officer at the SAS Institute Inc., a privately held software company, also attended.
“We are here to partner. They build skills here. We hired someone from and he brought a lot of skills to us,” Wilson said.
The North Carolina National Guard’s Cyber Security Response Force hosts Operation Tobacco Road twice a year. The Cyber Security Response Force's mission is to conduct defensive cyberspace operations in support of mission requirements as directed by the North Carolina National Guard’s Adjutant General or Governor. Their duties include responding to cyber incidents, conducting digital forensics, assessing cyber hygiene, performing penetration testing, providing training and engaging in outreach.