With artificial intelligence significantly changing what a cyberattack can look and sound like, a new St. Clair College program aims to put local leaders inside simulated cyber crises before they face one for real.
The program, called NOW-AI, is being developed in partnership with siberX, a Canadian cybersecurity simulation company, and the SANS Institute, a global cybersecurity training organization.
It is expected to launch at St. Clair College this October and is designed for working professionals, including executives, managers and technical leaders in sectors such as health care, banking, manufacturing, public services and municipal government.
“This region has had some experience with respect to cyber attacks,” said Michael Silvaggi, president of St. Clair College.
In 2023, a ransomware attack hit the regional hospital network serving Windsor-Essex and Chatham-Kent, disrupting operations and exposing some patient and employee information.
The University of Windsor also reported a cybersecurity incident in 2022, while other universities across Canada were impacted just this month by a cybersecurity incident involving Canvas, a platform used for grades, assignments and course materials.
Silvaggi said St. Clair College sees an opportunity to help organizations prepare before they are forced to respond to a real cyber crisis.
“We are the only player in town with respect to southwestern Ontario that can bring this forward to companies, to entrepreneurs, training that we know is vital,” he said.
“It only takes one exercise for you to become an expert, and certainly we want it to be out of a proactive aspect as opposed to living the exercise in real time.”
As part of NOW-AI, the full-day program will place executives inside high-pressure scenarios where they must respond to AI-driven cyber incidents, manage regulatory and reputational consequences, and make time-sensitive decisions that could affect an organization’s operations.
Rushmi Hasham, director of mission programs and partnerships with the SANS Institute, said many organizations are adopting AI tools without fully being aware of the risks that come with them.
“We’re inviting technologies in that we want to enable and create efficiencies,” said Hasham.
“But those technologies that we’re inviting into our organizations are highly disruptive. Without understanding what we’re inviting in, we’re never ready.”
Hasham said the program is meant for leaders across several sectors, not just large corporations.
She said municipal leaders, health-care organizations, financial institutions and small- to medium-sized businesses all need to understand how AI can both help and disrupt their operations.
“This is for leaders of any size organization,” said Hasham. “We want to make sure that they are able to consume information in a real-world applicable way.”
Ali Hirji, executive chair of Operation Defend the North and executive director of the Canadian Centre for Cyber Defence, said AI has changed the speed of cybersecurity response.
He said organizations may no longer have hours to determine whether suspicious activity is malicious.
“When those logs come in, those anomalous malicious logs, you could take some time to analyze it,” said Hirji. “Today? You’ve got to have the ability to use AI to do what would normally take three hours, within three minutes.”
Hirji said cyber response can no longer be treated as an issue for IT teams alone.
A cyber incident can quickly involve communications, human resources, finance, public trust and the continuity of everyday services.
“When these attacks are happening, and let’s assume they’re AI-driven, do you have the communications capacity to determine if you’re dealing with a deepfake?” he said.
“If it’s a deepfake video that’s circulating? If it’s a deepfake audio note, do you have the capacities to review that?”
Hirji said the broader public also has a role to play when a cyber incident affects a major local institution, such as a school, hospital or government service.
He said misinformation can spread quickly during a crisis, making it harder for an organization to respond and recover.
“If anybody thinks about who’s on the front lines, it’s not the IT folks and it’s not the organization under attack. It’s citizens and community members at large that play a part,” said Hirji.
He said that can be as simple as not sharing unverified posts, screenshots or rumours while an organization is still trying to respond.
Hirji added immersive training is different from traditional instruction because it forces leaders to practise decision-making under pressure.
“The whole idea is to train not for consumption, but to train for actual engagement,” he said.
Program officials say Windsor-Essex is a natural fit for the program because of its concentration of manufacturing, financial services and public sector organizations facing growing AI governance requirements.
Participants who complete the program will earn a SANS and siberX badge and certificate based on their demonstrated application of AI risk management, security and governance principles.
Silvaggi said the program is not expected to be embedded into St. Clair College’s regular post-secondary programming at the outset. But, he said, there are opportunities to change that in the future.
“We start embedding it into our post-secondary curriculum, and now we’re delivering this expertise into the classroom, which really broadens that audience significantly,” the college president said.
Hasham said the training will also need to keep changing as AI technology evolves.
“It is built for today’s moment as we look into a vision horizon of three to six months,” she said.
Registration details and specific program dates are expected to be announced in the coming months.