Cyber students help protect civic institutions vulnerable to hackers

For sophisticated hackers, small government agencies and local institutions can seem like sitting ducks. And while the federal government and major corporations all have generous budgets to fund monitoring and protection, most smaller organizations and civic institutions simply do not.

“Colorado has many huge rural counties, way distant from cities, that have zero budget, expertise or practical means of providing protection from hackers,” said Richard Mac Namee, director of the Cybersecurity Center at Metropolitan State University of Denver.

That’s a big problem. Cybercrime accounts for a jaw-dropping amount of money — it’s predicted to reach a global cost of $8 trillion this year — and the threat is only growing. Fortunately, the PISCES (Public Infrastructure Security Cyber Education System) program at MSU Denver has found a  solution. The University’s Cybersecurity program supports 10 “customers,” including school districts, county governments and a fire department.

Through PISCES, student analysts provide a monitoring service, and when they spot anything suspicious, they escalate it immediately to the National Cybersecurity Center. The Colorado Springs-based nonprofit, which promotes cybersecurity innovation, education and workforce development, then passes on details of the security concern. Mac Namee says it’s fast, efficient and remarkably effective.

“Smaller organizations desperately want help right now to protect their systems, while students training to be cyberanalysts absolutely need experience working with real data,” explained Mac Namee. “Put them together, and everyone wins.”

Expanding program

Program supporters say the beauty of PISCES, which originated in Washington state before coming to Colorado, lies in the simplicity of its central premise:  pairing organizations that lack any digital protection with Cybersecurity students who crave experience in a live working environment.

Although successful, PISCES has operated at a modest level. Mac Namee sees the program’s potential to help many more organizations on a much broader scale.

“The current risk level is the highest I’ve seen in five years,” Mac Namee said. “The introduction of AI, in particular, has meant even novice hackers can now weaponize advanced tech for serious attacks. We’re at a turning point, where immediate action is necessary.”

RELATED: Program guides students with autism to cybersecurity careers

Others are recognizing the growing threat and the potential of PISCES to address it. Last month, the Colorado Attorney General’s Office awarded the program $500,000 to expand across the state over the next two years, with the potential for another $250,000 in 2025.

Attorney General Phil Weiser said PISCES will create more jobs in the cybersecurity field and recruit participants from rural communities into this good-paying profession.

“And all the while, it will be protecting Colorado residents from cybersecurity threats,” he said.

A proactive approach

One of the organizations benefiting from the students’ help is West Metro Fire Rescue. And the department’s IT director, Eric Bates, said the program has been a runaway success.

“The vast amount of data generated by our systems had been posing a real challenge to us,” Bates said. “But fortunately, PISCES and MSU Denver came to our aid with a game-changing solution that has fundamentally improved our cybersecurity operations.”

RELATED: Cyber heroes prepare for battle

Bates has been impressed by the students’ cutting-edge knowledge and fresh perspectives. But most of all, he is struck by their proactive approach to detecting and responding to potential security threats.

“They have shown real skill and dedication in handling our difficult work and often uncover anomalies that our other threat-response services might miss,” he said.

Hands-on experience

Among the biggest winners from the program have been MSU Denver’s Cybersecurity students, whose overall learning experience has vaulted to a whole new level.

“Working with the PISCES program means we get to apply all the concepts we learned in class within a realistic but guided setting and then refine them through continual practice,” said Monica Ball, a Cybersecurity student. “There’s nothing like getting hands-on experience of everything we’ve learned, such as analyzing workflow, contextualizing alerts and judging search parameters, then putting it all together under real-life circumstances. It’s a really cool way to hone your cyberanalysis skills.”

Crucially, Ball added, the program also helps the students demonstrate to potential future employers that they’re made of the right stuff.

“Most employers are looking for graduates with a degree and relevant experience in the field,” Ball said. “Working with PISCES not only boosts our confidence; it also gives us something tangible to discuss in interviews and makes us way more hireable.”

Ready for action

By immersing students in real-world scenarios and setting them to work on reams of live data (and malicious threats), PISCES makes sure they’re primed to tackle challenges in the workplace.

That’s also why Mac Namee is looking to recruit more MSU Denver Cybersecurity students and graduates to join the PISCES program. He knows it’s a unique opportunity for them.

“With cybersecurity, you essentially only really learn by doing,” he said. “And believe me, nothing teaches a student faster than getting thrown into the metaphorical deep end during live situations.”

RELATED: Cybersecurity student aims to help diversify the workforce

Although there is a huge demand for cybersecurity professionals (3.5 million job vacancies worldwide, in fact), Mac Namee points out that employers are emphatically looking for students who have also earned their stripes in the real world.

“On its own, a four-year Cybersecurity degree doesn’t necessarily make you workforce-ready,” he said. “You also need the kind of real live experiences that you’ll only get from internships, work placements or opportunities such as the PISCES program.”