Information Security Center event header blue background

Incident Response Tabletop

Session 1: Ransomware - May 10, 2022
Session 2: Network Breach - May 24, 2022

Presented by the CCC Chancellor's Office in collaboration with the CCC Information Security Center


Ransomware Incident Response Exercise
Tuesday, May 10, 2022

10:00 am - Noon

Add to Calendar

Network Breach Incident Response Exercise 
Tuesday, May 24, 2022

10:00 am - Noon

Add to Calendar



These sessions will held online and will not be recorded.

Event Contacts

Event Information:

Stephen Heath
CCC Chancellor's Office

Registration Issues:

Sandoval Chagoya
CCC Technology Center

Accessibility & Accommodations

We strive to host inclusive, accessible events that enable all individuals, including individuals with disabilities, to engage fully. To request an accommodation, interpreter services, or for inquiries about accessibility, please email In order to arrange any necessary services, we request at least four weeks of advance notice.

There is Still Time to Register for Session 2

Security incidents rarely occur at a convenient time and tend to proceed at a fast pace, so it is important for participants to understand the roles and responsibilities of being on an Incident Response team.

Delivered by the California Community Colleges Chancellor's Office, in collaboration with the CCC Information Security Center, the intent of this Incident Response Tabletop exercise is to introduce participants to the flow of events and actions that typically occur during a security incident.

This exercise has been structured as two events: One is a ransomware attack and the other is a malicious network breach. The sessions will be presented on two different days, so that participants may plan on attending either session or both.

Each session will introduce the different types of attacks and the process of incident handling, including detection, containment, eradication, and recovery. We will spend the bulk of the session on an incident response exercise/case study, and leave time at the end of the session for Q&A.

Session 1: Ransomware Incident Response
Tuesday, May 10, 2022 - 10 a.m. to Noon
Registration has closed

Session 2: Network Breach Incident Response
Tuesday, May 24, 2022 - 10 a.m. to Noon
Register for Session 2 (closes May 19)

Featured Speakers

Harry Regan
Mr. Regan has over 35 years’ experience in information security and has been involved with developing or refining security programs for a variety of academic institutions including Connecticut Community College system, the Connecticut State University system, the California State University system, Maryland University, Johns Hopkins University, Yale University and others. Currently, he is part of the Infosec team with the California Community Colleges Chancellors Office.

Mr. Regan holds a BA in Economics from Catholic University of America and an MS in Information Technology and Operations Research from American University, both in Washington, D.C. Additionally, he has been a prolific speaker on security issues in such forums as the RSA Security Conference, DEFCON, Secure360, DebryCon and many other security conferences.

Larry Suto
Mr. Suto has over 20 years experience in information security. Mr. Suto has provided services to large companies such as Wells Fargo, Charles Schwab and Cisco. He has also worked with educational institutions such as UC Irvine Health and now performs security testing services for the California community college system through the CCC Technology Center.

Mr. Suto has published original research on the efficacy of commercial web application security testing tools and has spoken at conferences such as Defcon and Derbycon.

Who Should Attend?

  • CCC Information security officers
  • CCC IT management
  • CCC IT staff

This tabletop exercise is designed specifically for California Community Colleges personnel and approved partners/vendors. Only verified personnel will be authorized to attend.

Registration Procedure

Once your registration has been received it will be reviewed by the event hosts. Approved participants will receive an email with participation access. For security purposes, this information will only be sent to college or district email addresses.

Approved registrants will be asked to take one additional step to confirm receipt of the participation access information.