Guest Author: Frank J. Grimmelmann, President and CEO of Arizona Cyber Threat Response Alliance (ACTRA)

In a previous blog post ACTRA: Nurturing a Cyber Threat Response Community, Cisco’s Peter Romness introduced readers to the Arizona Cyber Threat Response Alliance (ACTRA), an organization which I founded back in 2013. We discussed how ACTRA is helping to foster community in the landscape of cyber threat response as well as train tomorrow’s defenders. The purpose of ACTRA is to help Arizona to become the most cyber-secure state in the United States as well as to serve as an example for and lend support to other States’ efforts to improve their cyber threat response capabilities.

How ACTRA intends to get there

At ACTRA, we have a specific plan for reaching this level of influence. It’s called the North American Cyber Range Alliance (NACRA). The aim of the initiative is to grow the number of skilled and trusted cyber threat responders in the United States for the purpose of augmenting the nation’s cyber defenses as a whole. It does this by forging alliances between cyber ranges that promote autonomy and individual creativity at the local level, all while fostering collaboration and a common code of conduct to help the United States defend its interests in cyberspace.

That code of conduct affirms everyone’s commitment to taking an ethical, safe, collaborative, inclusive, respectful, and legal approach to cyber range operations. Both volunteers and visitors to NACRA ranges must abide by those standards. It’s the only way that veterans of the industry along with aspiring learners will get the most out of NACRA’s live-fire learning environments.

The instrumental part that Cisco plays

All of us at ACTRA were thrilled when Cisco decided to get involved. Through a very generous donation of the entire Cisco cyber security suite, we have been able to work with educators in a pilot at five community colleges. Cisco’s donation has proven instrumental in our ability to conduct community outreach with students, not to mention further the education across our member organizations. It’s opened up so many doors for individuals who want to go forward in both degree and non-degree programs.

Working with Cisco is a long-term strategy. The plan is to bring in other states to adopt grassroots efforts that are similar to ACTRA. We have a program under NACRA to be able to reach out to other communities and assist them in bringing up grass roots and launching them on a rapid deployment strategy. Towards that end, we have deployed similar initiatives in the State of Wisconsin, and we are in conversations with several other States to try and have them develop programs of their own using their unique cultural attributes and models from the local community that draw from the work we’ve done but that are still uniquely theirs.

Once these other initiatives are in place, we can then form a national swarming defense strategy that takes the best of the best and integrates that into a cyber threat response strategy. And Cisco is helping us to make that happen.

From my experience working with Peter and others at Cisco, it’s clear to me that we share some common goals. Cisco recognizes the importance of making sure that organizations like ACTRA can prosper so that we can have a more coordinated strategy to keeping citizen data safe. It’s something that’s good for the security and privacy industries in general. Part of that could be because Cisco wants to train people, as well. It shows; the company has provided invaluable help to ACTRA in terms of training and other material support.

It’s an incredible opportunity for tomorrow’s defenders to be using Cisco’s products to train in workshops, laboratories and other settings. Those products are central to the education of our vCERT team, the virtual SME response team. As such, Cisco is helping everyone to utilize state-of-the-art tools to keep organizations safer and their stored data more secure. This all goes to show that you can be a for-profit company that can do good for the industry and do well financially at the same time. The two aren’t mutually exclusive.

ACTRA and Cisco: A bright future ahead

All of us at ACTRA are looking ahead to a very bright future with Cisco. We already have some additional collaboration opportunities lined up. For example, we are going to work together to host a variety of workshops in October of this year in celebration of National Cyber Security Awareness Month (NCSAM). A few months later, early next year in February, we will have a national exercise. We are in discussions with Cisco to create the messaging with us.

All of these efforts with Cisco are meant to tackle the bigger problem we all have, which is cyber security. And we all need to come together in a united front to respond to the threat. We’re honored to have Cisco standing at our side.

For more information about ACTRA, its mission and its initiatives, visit actraaz.org.



Peter Romness

Cybersecurity Principal, US Public Sector CTO Office