Company background

Trident Technical College is a public, two-year, multi-campus community college that provides quality education and promotes economic development in Berkeley, Charleston, and Dorchester counties of South Carolina. An open-door institution of higher education, and one of the largest institutions in the state, Trident Technical College (TTC) welcomes and serves students from a rich variety of backgrounds in its service area. At the helm of security for the entire college is CIO, M.G. Mitchum. Mitchum has been with the college directing strategy and investments for close to 30 years; he was also at one point a student there.

“I graduated one day, and the next day they hired me as a contractor…and then a couple of months later, I got hired full-time, and then 25 years later, I was very fortunate to be promoted to CIO,” he says.

Over the past three decades, he has grown the IT and security program to be a more proactive partner in securing the organization, saying, “It’s been exciting and a lot of fun trying to apply a holistic, strategic viewpoint to how we procure... and implement technology.” He also notes that choosing the right software and technology has been key to the institution’s evolving financial and security strategy. “Chasing the best of breed was not working for us. It was expensive. We weren’t implementing it.”

Not only does Mitchum take great pride in working for an institution that supports the community and contributes to economic development – for many students, they’re the first in their family to go to college, and numerous students go on to pursue advanced degrees – he also takes pride in securing the personal and financial information of the 13,000+ students, plus faculty and staff. Part of the reason that he’s been so strategic in his tenure is that schools need a strong sense of cybersecurity; they house countless social security numbers, financial aid records, and plenty of other personal information.

“What keeps me up at night is trying to establish a culture of importance and the need to put a priority on cybersecurity, to budget to hire the people, and create that sense of need that this isn’t going to go away. This is a journey that never ends,” he says. “More and more of the accreditation agencies, the [financial] audit teams, are starting to ask more and more IT related cybersecurity questions. And it’s starting to impact our ability to be accredited and to stay in business. So, it’s got to start with the culture.”

The challenges of the hybrid campus

Out of the 13,000+ students enrolled at Trident Technical College, 70-80% of them take at least one online class, and faculty and staff work at least one day from home, making it a fully hybrid campus. Mitchum notes plainly, “It’s been challenging to enable the students to access the resources on the network.”

One of the keys to ensuring access for hybrid employees has been to implement Cisco Duo, particularly for any accounts that need limited or controlled access. “For the privileged accounts, for the real crown jewels, we put them behind Duo,” Mitchum says. This enables staff and employees to log onto the network whether they’re working from their college-issued laptop or their phone. While Mitchum notes that Microsoft MFA is included with M365, he says, “Microsoft was free and easy, but we chose Duo because we trust Duo more.”

Plus, while Duo is a trusted solution, he also remarks that it also ranks high on ease of use. “It was a seamless switchover. People saw how simple it was to implement, so it’s been a very seamless and very, very good experience.”

Solving for the cybersecurity talent shortage

There’s no doubt that stopping new and advancing threats and securing hybrid workplaces aren’t the only things that security leaders are trying to contend with when it comes to keeping their organizations safe; the data shows there are simply more cybersecurity jobs and a need for talent than there is trained talent available. Additionally, Gartner predicts that, “by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.” The gap between the demand for talent in cybersecurity and the capacity to fill those roles was a staggering 3.4 million people in 2022. Additionally, Gartner predicts that, “by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.”

This is affecting organizations everywhere, and Trident Technical College is no exception. Hiring experienced personnel in the field of cybersecurity is a major challenge, so the institution ends up hiring its own graduates, just like it did with Mitchum. One difficulty that arises from that is that while the new graduates are educated and trained, they don’t yet have the years of experience that come from working in a hands-on IT and security environment.

“It takes time to get people up to speed,” Mitchum notes. But his strategy in using Cisco helps support the success of a growing team in two ways. The first is that Cisco’s security tools, like Duo, are simple and easy to roll out and manage; plus, Cisco security products are meant to work in tandem. This not only provides a better end user experience, but also a better IT user experience. “I needed technology that looked similar, acted similar, and had the same support structure so I didn’t have to reinvent the wheel each time.”

Trident Technical College has also contracted with Cisco's business critical services to bring in experienced network engineers and architects to help implement cybersecurity measures. This frees up the college’s internal teams to handle day-to-day operations and allows for Cisco consultants to partner with Mitchum and develop a long-term security roadmap.

The road to zero trust

In 2023, South Carolina was the fastest growing state, with a huge influx of people moving into the Charlestown area. With new families comes the possibility of greater enrollment – and that means more endpoints to secure. “We just have…too many endpoints that we don’t own and we don’t control, that we’re being required to allow access. So, the challenge going forward is, from a zero trust perspective, is ensuring those devices are in fact secure and that we do trust [them],” Mitchum says.

Mitchum’s strategy for the future includes a growing focus on visibility and zero trust. Duo Trusted Endpoints and Duo Desktop are on the technical roadmap of upcoming implementations for TTC to help further strengthen its security posture. “The use of Duo and other Cisco security products, one of the goals is to have a much greater visibility into the traffic that is on our network, who is on our network, and what they are doing.”

Mitchum’s vision for strategic security has steered his whole career and has served him well in helping the college face tough security challenges like protecting a hybrid campus and facing the all-too-common shortage of cybersecurity workers. Working together with Cisco has also helped make his strategical vision successful and bolstered security across Trident Technical College.