campus experience

Oct. 22 webinar features cybersecurity expert John Kindervag

The free webinar is one of several Cybersecurity Awareness Month activities organized by the Division of Information Technology.

Angela I. Correa

8 Oct 2025

John Kindervag inset over a picture in Torgersen bridge — Cybersecurity innovator John Kindervag will offer an online talk for students, faculty, and staff on the Zero Trust model at 1:30 p.m. Oct. 22. Virginia Tech photo illustration

October is Cybersecurity Awareness Month, and the Division of Information Technology is offering a number of opportunities to keep you up to speed with the dynamic world of online security.

This year, the marquee event is a talk with cybersecurity innovator John Kindervag, the originator of the Zero Trust cybersecurity model. Kindervag will speak at a free Zoom webinar for the university community on Wednesday, Oct. 22, from 1:30 to 2:30 p.m. The webinar is free and open to the university community.

Zero Trust is predicated on a simple but powerful idea for systems development: Never trust, but always verify. Fifteen years ago, when the idea was introduced, it represented a radical shift from the perimeter-based security practices that were prevalent at the time. Over the years, the utility of Zero Trust has been proven time and time again, and the model continues to break new ground as artificial intelligence (AI)-driven threats and hyperconnected systems expand. Zero Trust has become a foundational principle that enables users and administrators to have greater trust that their data and their online activities will be protected.

Kindervag’s talk will detail the Zero Trust model’s origins and real-world implementations and will offer guidance for building secure cybersecurity frameworks with an eye toward the challenges of microsegmentation, AI integrations, and antifragile systems. Hosted by the IT Security Office, the webinar will include a moderated Q&A session where audience members will have the opportunity to hear answers to their submitted questions.

In addition, the Division of Information Technology is marking the month's observance with resources and activities for the university community.

Capture the flag tournament (postponed)

The Virginia Cyber Range’s annual Cybersecurity Career Week Capture the Flag Competition and pre-game workshop have been postponed. This hands-on event features a wide range of challenges, from introductory to advanced, allowing both newcomers and seasoned players to test their knowledge and sharpen their skills. New dates for the competition and workshop will be announced once they are confirmed. Please visit https://go.vacr.io/CCW for updates and announcements.

Cyber Incident Tabletop Exercise

IT support professionals are invited to participate in an upcoming tabletop exercise. This interactive event presents a safe and engaging opportunity to strengthen preparedness, improve cross-team collaboration and communication, and practice effective responses to a real-world security incident in a scenario-driven environment.

When: Friday, Oct. 17, 1 to 4 p.m.
Location: 370 Corps Leadership and Military Science Building, 355 Old Turner St.
Audience: IT support groups, supervisors, and directors
Space is limited; register at virginiatech.questionpro.com/t/AU3BPZ7FLW
Hosts: IT Security Office in collaboration with Enterprise Solutions and Enabling Technologies Training Team

Find basic cybersecurity tips online

The Division of IT has created Safe Online at Virginia Tech. While cybersecurity threats are constantly evolving, the fundamentals of online safety still prevail. These include using strong passwords, employing 2-factor authentication, and being judicious about which Wi-Fi networks you use. The site contains information to help you avoid scams, protect your accounts, and know when and how to report a suspected cybersecurity incident.

Phishing Education Program

Phishing attacks in the education sector have increased by 47 percent since 2022. A user's ability to detect red flags of a phishing attempt remains one of the most effective defenses to thwart these attacks. Departments can test and improve their employees’ phishing awareness in a safe way through the Division of IT’s Phishing Education Program, which launched earlier this year. This program sends employees of enrolled departments a simulated phishing attack email monthly. These emails are designed to mimic real phishing attacks that are currently circulating.

Employees who correctly identify and report the simulated phish receive an affirmation of their good detection skills. Those who interact with the phish, by clicking a link or providing information, will be directed toward a short phishing training exercise.

To enroll a department, an organizational unit administrator for the department needs to complete the Service Catalog request item. More information about the program is available in this 4Help article.

If you are an individual with a disability and desire an accommodation, please contact Angela Correa at 540-231-4202 or acorrea@vt.edu during regular business hours at least 10 business days prior to the event.