Coming into this year with new challenges and ongoing constraints has not stopped us from filling our schedules with events and opportunities to keep spreading cybersecurity education to different communities throughout the State.  We are always asking "What more can be done?" and we thank you for joining us on the journey to answer this question.

Strengthening Tribal Sovereignty Through Cybersecurity Education: OCCoE's Growing Partnership with Tribes in Oregon

L to R: Dr. Peter Chaille (PSU), Dr. Rebecca Hawk (PSU), Richard Rader (CTO, Cow Creek Band of Umpqua Indians), Dr. Margaret Banyan (PSU) 

In 2024, OCCoE acquired a grant through PSU to help tribes in Oregon bolster their cyber resilience and data sovereignty.  Through many months of hard work and connection building, we are excited and honored to see this project gaining traction, with multiple upcoming opportunities for tribal communities.  

With this growing partnership, the grant team was invited to host three presentations at the Affiliated Tribes of Northwest Indians Winter Convention yesterday!  These presentations were with the Telecommunications and Technology Committee, the TERO (Tribal Employment Rights Office) Committee, and the Higher Education Committee.

Further, our longstanding Certificate in Building Cyber Resilience program - which started on January 16 with its largest cohort yet with 50 active participants - is expanding to the Certificate in Building Tribal Cyber Resilience, tailored to the context of tribes in Oregon. The tribe-only cohort will run Fridays from April 10 - June 26.

OCCoE is also offering an online seminar program for all tribal members or tribal employees in Oregon, with or without backgrounds in cybersecurity!  Please see blurb below and share with anyone who might be interested: 

Prepare to protect your digital life by attending our upcoming Introduction to Cybersecurity Mini-Course. This free, four-week online course offers personal instruction to cover the essential fundamentals of digital defense and safety. Attendees will receive a certificate for course completion. 

Course dates: 2/24, 3/3, 3/10, 3/17

Tomorrow! Cybersecurity Tabletop Exercise Pre-SDAO Annual Conference 

Presented by LBL Cybersecurity in partnership with the Oregon Cybersecurity Center of Excellence and the State’s Cyber Security Services Office, this free cybersecurity tabletop exercise is designed to strengthen your organization’s ability to respond to today’s evolving cyber threats effectively and collaboratively.

Designed specifically for Special Districts, but applicable to all in public sector, the exercise features realistic, high-impact scenarios that reflect the financial, operational, and reputational risks districts face every day.

Participants will work through a fast-moving, interactive exercise that begins with a social engineering incident and escalates into cascading impacts across internal systems, partner agencies, and the public eye.

SDAO registration is closed.  If you would like to attend this TTX last minute, please email us at occoe@pdx.edu to discuss options.  

All Tech Students: Explore Careers in Tech at University of Oregon 2/11

Over 10 companies in cybersecurity and other related areas will be looking to connect with college students interested in working in tech.  Representatives from these companies will be sharing full-time and internship positions, career advice, and feedback for students on their resumes.  No registration required!  

When:  February 11, 2026 - 3:00pm-6:00pm (come and go!) 

Where:  University of Oregon, EMU 214 - 1395 University St, Eugene, OR 97403

Capture the Flag Competition for NW Cyber Camp Attendees

Youth who attended NW Cyber Camp will compete in a jeopardy-style Capture the Flag Competition over 72 hours this February. Utilizing Cyber Skyline's CTF platform allows NW Cyber Campers to practice, develop, and assess their technical cybersecurity skills through challenges aligned with the NIST NICE Cybersecurity Workforce Framework. Cyber Skyline also hosts the National Cyber League competition for collegiate teams, so our NW Cyber Camp high school players get early exposure to this cloud-based competition.

OCCoE Partners Presenting Together at CIS Conference 2/25

Cybersecurity threats are growing in complexity and frequency, yet many small organizations—especially local governments—struggle to access affordable, effective protection. This session brings together experts from the Lane Council of Governments (LCOG), ORTSOC, University of Oregon Teaching Security Operations Center (TSOC), and the State of Oregon’s Cyber Security Services (CSS) to showcase practical, cost-effective cybersecurity solutions tailored for small entities across Oregon.

Find us on the agenda: February 25, 2026 -11:00am-12:00pm

March 3, 2026

12:00pm-1:00pm

Modern operating systems, such as Linux, include a vast range of features to support many different devices and use cases. However, most systems only rely on a small fraction of this functionality. The unused portions of the operating system increase the system’s “attack surface,” creating more opportunities for security vulnerabilities. This lecture examines recent advancements in kernel debloating, a method for trimming unnecessary parts of the operating system kernel to reduce code size and improve security. The presentation introduces TRACIE, a tool that observes real system behavior and customizes the kernel based on how the system is actually used.  The lecture then highlights DICE, a new approach that does not rely on system activity traces. Instead, it analyzes the kernel’s configuration structure and iteratively removes unnecessary components. Finally, the talk presents an empirical analysis of the Linux configuration system itself. Findings show that structural constraints—such as overly broad configuration options and rigid dependency rules—limit how effectively the kernel can be reduced through configuration-based methods. These results point toward opportunities for future improvements in kernel design and configuration mechanisms.

Detecting unexpected changes in a system’s runtime environment is critical to resilience yet challenging in today’s production servers. In this talk I will describe our solution:  runtime integrity measurement for the operating system kernel and hypervisor using System Management Mode (SMM).  SMM is a general purpose, widely available mechanism on x86 CPUs used for a variety of critical runtime management tasks such as including managing CPU power states and handling thermal throttling. It is a promising approach to runtime monitoring because it runs at a higher privilege than host software, an advantage when host software has been compromised, and its hardware-protected memory (SMRAM) is strongly isolated from host software as it can only be read or written from SMM.   However, key challenges include the possibility of severe performance impacts, semantic gaps between SMM and host software, high overheads, overly broad access permissions, and lack of flexibility.  Our Linux and Xen prototype results show that our approach, EPA-RIMM, meets performance goals while continuously monitoring code and data for signs of attack, and that it is effective at detecting a number of recent exploits.

March 6, 2026

12:00pm-1:00pm

If you'd like to attend an OCCoE seminar, please email us at occoe@pdx.edu to receive the link!